Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-01 02:28:21 +01:00
Code Issues Projects Releases Packages Wiki Activity

Check all ancestor navigable trustworthiness for mixed content (#36157)

Browse source 
Propagate through documents a flag that represents if any of the
ancestor navigables has a potentially trustworthy origin.

The "potentially trustworthy origin" concept appears to have gotten
confused in a couple of places and we were instead testing if a URL had
"potentially trustworthy" properties.

The main test for the ancestor navigables is
[mixed-content/nested-iframes](https://github.com/web-platform-tests/wpt/blob/master/mixed-content/nested-iframes.window.js)

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #36108 

<!-- Either: -->
- [X] There are tests for these changes

---------

Signed-off-by: Sebastian C <sebsebmc@gmail.com>
This commit is contained in:
Sebastian C 2025-04-05 00:38:24 -05:00 committed by GitHub
parent 478e876f6d
commit 76edcff202
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
84 changed files with 384 additions and 525 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/wpt/meta/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/unset/img-tag.https.html.ini vendored Normal file
View file

@ -0,0 +1,6 @@
[img-tag.https.html]
[Upgrade-Insecure-Requests: Expects blocked for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects blocked for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL