mirror of
https://github.com/servo/servo.git
synced 2025-08-05 13:40:08 +01:00
Run all CSP tests in CI by default. (#36436)
Extending the original set from #36402 since there are additional tests relevant to the work happening in #36409 and #36363. Testing: New tests in CI. Fixes: Part of https://github.com/servo/servo/issues/4577 Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This commit is contained in:
parent
a0730d7154
commit
c16ca22970
509 changed files with 5492 additions and 12 deletions
13
tests/wpt/include.ini
vendored
13
tests/wpt/include.ini
vendored
|
@ -12,18 +12,7 @@ skip: true
|
|||
[samesite]
|
||||
skip: true
|
||||
[content-security-policy]
|
||||
[child-src]
|
||||
skip: false
|
||||
[connect-src]
|
||||
skip: false
|
||||
[default-src]
|
||||
skip: false
|
||||
[securitypolicyviolation]
|
||||
skip: false
|
||||
[unsafe-eval]
|
||||
skip: false
|
||||
[wasm-unsafe-eval]
|
||||
skip: false
|
||||
skip: false
|
||||
[cors]
|
||||
skip: false
|
||||
[css]
|
||||
|
|
7
tests/wpt/meta/content-security-policy/base-uri/base-uri-deny-url-encoded-host.sub.html.ini
vendored
Normal file
7
tests/wpt/meta/content-security-policy/base-uri/base-uri-deny-url-encoded-host.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,7 @@
|
|||
[base-uri-deny-url-encoded-host.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Check that baseURI fires a securitypolicyviolation event when it does not match the csp directive due to a url encoded host character.]
|
||||
expected: NOTRUN
|
||||
|
||||
[Check that the baseURI is not set when it does not match the csp directive]
|
||||
expected: FAIL
|
7
tests/wpt/meta/content-security-policy/base-uri/base-uri-deny.sub.html.ini
vendored
Normal file
7
tests/wpt/meta/content-security-policy/base-uri/base-uri-deny.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,7 @@
|
|||
[base-uri-deny.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Check that baseURI fires a securitypolicyviolation event when it does not match the csp directive]
|
||||
expected: NOTRUN
|
||||
|
||||
[Check that the baseURI is not set when it does not match the csp directive]
|
||||
expected: FAIL
|
7
tests/wpt/meta/content-security-policy/base-uri/base-uri_iframe_sandbox.sub.html.ini
vendored
Normal file
7
tests/wpt/meta/content-security-policy/base-uri/base-uri_iframe_sandbox.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,7 @@
|
|||
[base-uri_iframe_sandbox.sub.html]
|
||||
expected: TIMEOUT
|
||||
[base-uri 'self' works with same-origin sandboxed iframes.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[base-uri 'self' blocks foreign-origin sandboxed iframes.]
|
||||
expected: TIMEOUT
|
|
@ -0,0 +1,10 @@
|
|||
[report-uri-does-not-respect-base-uri.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test that image does not load]
|
||||
expected: NOTRUN
|
||||
|
||||
[Event is fired]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Violation report status OK.]
|
||||
expected: FAIL
|
6
tests/wpt/meta/content-security-policy/blob/blob-urls-do-not-match-self.sub.html.ini
vendored
Normal file
6
tests/wpt/meta/content-security-policy/blob/blob-urls-do-not-match-self.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
[blob-urls-do-not-match-self.sub.html]
|
||||
[Expecting logs: ["violated-directive=script-src-elem"\]]
|
||||
expected: FAIL
|
||||
|
||||
[blob-urls-do-not-match-self]
|
||||
expected: FAIL
|
9
tests/wpt/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
vendored
Normal file
9
tests/wpt/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,9 @@
|
|||
[self-doesnt-match-blob.sub.html]
|
||||
[Expecting logs: ["violated-directive=worker-src","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
||||
|
||||
[worker-connect-src-blocked]
|
||||
expected: FAIL
|
||||
|
||||
[worker-connect-src-blocked 1]
|
||||
expected: FAIL
|
3
tests/wpt/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
vendored
Normal file
3
tests/wpt/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
[star-doesnt-match-blob.sub.html]
|
||||
[Expecting logs: ["violated-directive=worker-src","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
25
tests/wpt/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
vendored
Normal file
25
tests/wpt/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
vendored
Normal file
|
@ -0,0 +1,25 @@
|
|||
[allow_csp_from-header.html]
|
||||
expected: TIMEOUT
|
||||
[Same origin iframes with an empty Allow-CSP-From header get blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Same origin iframes without Allow-CSP-From header gets blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Same origin iframes are blocked if Allow-CSP-From does not match origin.]
|
||||
expected: FAIL
|
||||
|
||||
[Cross origin iframe with an empty Allow-CSP-From header gets blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Cross origin iframe without Allow-CSP-From header gets blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Iframe with improper Allow-CSP-From header gets blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Star Allow-CSP-From header enforces EmbeddingCSP.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Allow-CSP-From header enforces EmbeddingCSP.]
|
||||
expected: TIMEOUT
|
|
@ -0,0 +1,6 @@
|
|||
[blocked-iframe-are-cross-origin.html]
|
||||
[Document blocked by embedded enforcement and its parent are cross-origin]
|
||||
expected: FAIL
|
||||
|
||||
[Two same-origin iframes must appear as cross-origin when one is blocked]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[change-csp-attribute-and-history-navigation.html]
|
||||
[Iframe csp attribute changed before history navigation of local scheme.]
|
||||
expected: FAIL
|
||||
|
||||
[Iframe csp attribute changed before history navigation of network scheme.]
|
||||
expected: FAIL
|
6
tests/wpt/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
vendored
Normal file
6
tests/wpt/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
[idlharness.window.html]
|
||||
[HTMLIFrameElement interface: attribute csp]
|
||||
expected: FAIL
|
||||
|
||||
[HTMLIFrameElement interface: document.createElement("iframe") must inherit property "csp" with the proper type]
|
||||
expected: FAIL
|
12
tests/wpt/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
vendored
Normal file
12
tests/wpt/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
vendored
Normal file
|
@ -0,0 +1,12 @@
|
|||
[iframe-csp-attribute.html]
|
||||
[<iframe> has a 'csp' attibute which is an empty string if undefined.]
|
||||
expected: FAIL
|
||||
|
||||
[<iframe>'s csp attribute is always a string.]
|
||||
expected: FAIL
|
||||
|
||||
[<iframe>'s 'csp content attribute reflects the IDL attribute.]
|
||||
expected: FAIL
|
||||
|
||||
[<iframe>'s IDL attribute reflects the DOM attribute.]
|
||||
expected: FAIL
|
27
tests/wpt/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
vendored
Normal file
27
tests/wpt/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
vendored
Normal file
|
@ -0,0 +1,27 @@
|
|||
[required-csp-header-cascade.html]
|
||||
[Test same origin: Test same policy for both iframes]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test more restrictive policy on second iframe]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test less restrictive policy on second iframe]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test no policy on second iframe]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test no policy on first iframe]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test invalid policy on first iframe (bad directive name)]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test invalid policy on first iframe (report directive)]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test invalid policy on second iframe (bad directive name)]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Test invalid policy on second iframe (report directive)]
|
||||
expected: FAIL
|
141
tests/wpt/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
vendored
Normal file
141
tests/wpt/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
vendored
Normal file
|
@ -0,0 +1,141 @@
|
|||
[required_csp-header.html]
|
||||
[Test Required-CSP value on `csp` change: Sec-Required-CSP is not sent if `csp` attribute is not set on <iframe>.]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
|
||||
expected: FAIL
|
||||
|
||||
[Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
|
||||
expected: FAIL
|
||||
|
||||
[Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - comma separated]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - invalid characters in directive names]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - invalid character in directive name]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - report-uri present]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - report-to present]
|
||||
expected: FAIL
|
||||
|
||||
[Test Required-CSP value on `csp` change: Sec-Required-CSP is not sent if `csp` attribute is longer than 4096 bytes]
|
||||
expected: FAIL
|
|
@ -0,0 +1,21 @@
|
|||
[subsumption_algorithm-general.html]
|
||||
[Iframe with empty returned CSP should be blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Iframe with less restricting CSP should be blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Iframe with a different CSP should be blocked.]
|
||||
expected: FAIL
|
||||
|
||||
[Host wildcard *.a.com does not match a.com]
|
||||
expected: FAIL
|
||||
|
||||
[Iframe should block if intersection allows sources which are not in required_csp.]
|
||||
expected: FAIL
|
||||
|
||||
[Iframe should block if intersection allows sources which are not in required_csp (other ordering).]
|
||||
expected: FAIL
|
||||
|
||||
[Removed plugin-types directive should be ignored 3.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[subsumption_algorithm-hashes.html]
|
||||
[Returned should not include hashes not present in required csp.]
|
||||
expected: FAIL
|
||||
|
||||
[Hashes do not have to be present in returned csp but must not allow all inline behavior.]
|
||||
expected: FAIL
|
||||
|
||||
[Other expressions have to be subsumed.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp must allow 'sha256-abc123'.]
|
||||
expected: FAIL
|
||||
|
||||
[Effective policy is properly found where 'sha256-abc123' is not subsumed.]
|
||||
expected: FAIL
|
||||
|
||||
['sha256-abc123' is not subsumed by 'sha256-abc456'.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,12 @@
|
|||
[subsumption_algorithm-host_sources-hosts.html]
|
||||
[Host must match.]
|
||||
expected: FAIL
|
||||
|
||||
[Hosts without wildcards must match.]
|
||||
expected: FAIL
|
||||
|
||||
[More specific subdomain should not match.]
|
||||
expected: FAIL
|
||||
|
||||
[Specified host should not match a wildcard host.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,9 @@
|
|||
[subsumption_algorithm-host_sources-paths.html]
|
||||
[Returned CSP must specify a path.]
|
||||
expected: FAIL
|
||||
|
||||
[Empty path is not subsumed by specified paths.]
|
||||
expected: FAIL
|
||||
|
||||
[That should not be true when required csp specifies a specific page.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,12 @@
|
|||
[subsumption_algorithm-host_sources-ports.html]
|
||||
[Specified ports must match.]
|
||||
expected: FAIL
|
||||
|
||||
[Returned CSP should be subsumed if the port is specified but is not default for a more secure scheme.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard port should not be subsumed by a default port.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard port should not be subsumed by a spcified port.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,12 @@
|
|||
[subsumption_algorithm-host_sources-protocols.html]
|
||||
[`https` is more restrictive than `http`.]
|
||||
expected: FAIL
|
||||
|
||||
[`http:` does not subsume other protocols.]
|
||||
expected: FAIL
|
||||
|
||||
[If scheme source is present in returned csp, it must be specified in required csp too.]
|
||||
expected: FAIL
|
||||
|
||||
[All scheme sources must be subsumed.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,9 @@
|
|||
[subsumption_algorithm-nonces.html]
|
||||
[A nonce has to be returned if required by the embedder.]
|
||||
expected: FAIL
|
||||
|
||||
[Nonce intersection is still done on exact match - matching nonces.]
|
||||
expected: FAIL
|
||||
|
||||
[Other expressions still have to be subsumed - negative test]
|
||||
expected: FAIL
|
21
tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
vendored
Normal file
21
tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
vendored
Normal file
|
@ -0,0 +1,21 @@
|
|||
[subsumption_algorithm-none.html]
|
||||
[Required policy that allows `none` does not subsume empty list of policies.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp with effective `none` does not subsume a host source expression.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp with `none` does not subsume a host source expression.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp with effective `none` does not subsume `none` of another directive.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp with `none` does not subsume `none` of another directive.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp with `none` does not subsume `none` of different directives.]
|
||||
expected: FAIL
|
||||
|
||||
[Both required and returned csp are `none` for only one directive.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[subsumption_algorithm-self.html]
|
||||
[Returned CSP must not allow 'self' if required CSP does not.]
|
||||
expected: FAIL
|
||||
|
||||
[Returned 'self' should not be subsumed by a more secure version of origin's url.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,45 @@
|
|||
[subsumption_algorithm-source_list-wildcards.html]
|
||||
[Wildcard does not subsume empty list.]
|
||||
expected: FAIL
|
||||
|
||||
[Empty source list does not subsume a wildcard source list.]
|
||||
expected: FAIL
|
||||
|
||||
['none' does not subsume a wildcard source list.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard source list does not subsume `data:` scheme source expression.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard source list does not subsume `blob:` scheme source expression.]
|
||||
expected: FAIL
|
||||
|
||||
[Source expressions do not subsume effective nonce expressions.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard source list is not subsumed by a host expression.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard list with keywords is not subsumed by a wildcard list.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard list with 'unsafe-hashes' is not subsumed by a wildcard list.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard list with 'unsafe-inline' is not subsumed by a wildcard list.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard list with 'unsafe-eval' is not subsumed by a wildcard list.]
|
||||
expected: FAIL
|
||||
|
||||
[Wildcard list with 'unsafe-eval' is not subsumed by list with a single expression.]
|
||||
expected: FAIL
|
||||
|
||||
[The same as above but for 'unsafe-inline'.]
|
||||
expected: FAIL
|
||||
|
||||
[`data:` is not subsumed by a wildcard list.]
|
||||
expected: FAIL
|
||||
|
||||
[`blob:` is not subsumed by a wildcard list.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,9 @@
|
|||
[subsumption_algorithm-strict_dynamic.html]
|
||||
['strict-dynamic' is effective only for `script-src`.]
|
||||
expected: FAIL
|
||||
|
||||
['strict-dynamic' is properly handled for finding effective policy.]
|
||||
expected: FAIL
|
||||
|
||||
['strict-dynamic' has to be allowed by required csp if it is present in returned csp.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,12 @@
|
|||
[subsumption_algorithm-unsafe_eval.html]
|
||||
[No other keyword has the same effect as 'unsafe-eval'.]
|
||||
expected: FAIL
|
||||
|
||||
[Other expressions have to be subsumed.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp must allow 'unsafe-eval'.]
|
||||
expected: FAIL
|
||||
|
||||
[Effective policy is properly found where 'unsafe-eval' is not subsumed.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,12 @@
|
|||
[subsumption_algorithm-unsafe_hashes.html]
|
||||
[No other keyword has the same effect as 'unsafe-hashes'.]
|
||||
expected: FAIL
|
||||
|
||||
[Other expressions have to be subsumed.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp must allow 'unsafe-hashes'.]
|
||||
expected: FAIL
|
||||
|
||||
[Effective policy is properly found where 'unsafe-hashes' is not subsumed.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[subsumption_algorithm-unsafe_inline.html?9-last]
|
||||
[Required csp allows `strict-dynamic`, but retuned csp does.]
|
||||
expected: FAIL
|
||||
|
||||
[Required csp does not allow `unsafe-inline`, but retuned csp does.]
|
||||
expected: FAIL
|
||||
|
||||
[Returned csp allows a nonce.]
|
||||
expected: FAIL
|
||||
|
||||
[Returned csp allows a hash.]
|
||||
expected: FAIL
|
||||
|
||||
[Effective returned csp allows 'unsafe-inline']
|
||||
expected: FAIL
|
||||
|
||||
|
||||
[subsumption_algorithm-unsafe_inline.html?1-8]
|
4
tests/wpt/meta/content-security-policy/font-src/font-match-allowed.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/font-src/font-match-allowed.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[font-match-allowed.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test font loads if it matches font-src.]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/font-src/font-mismatch-blocked.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/font-src/font-mismatch-blocked.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[font-mismatch-blocked.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test font does not load if it does not match font-src.]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/font-src/font-none-blocked.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/font-src/font-none-blocked.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[font-none-blocked.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test font does not load if it does not match font-src.]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/font-src/font-self-allowed.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/font-src/font-self-allowed.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[font-self-allowed.html]
|
||||
expected: TIMEOUT
|
||||
[Test font loads if it matches font-src.]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[font-stylesheet-font-blocked.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Test font does not load if it does not match font-src.]
|
||||
expected: TIMEOUT
|
6
tests/wpt/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
vendored
Normal file
6
tests/wpt/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
[form-action-src-blocked.sub.html]
|
||||
[Expecting logs: ["violated-directive=form-action","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
||||
|
||||
[form-action-src-blocked]
|
||||
expected: FAIL
|
3
tests/wpt/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
vendored
Normal file
3
tests/wpt/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
[form-action-src-get-blocked.sub.html]
|
||||
[Expecting logs: ["violated-directive=form-action","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[form-action-src-javascript-blocked.sub.html]
|
||||
[Expecting logs: ["violated-directive=form-action","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[form-action-src-redirect-blocked.sub.html]
|
||||
[Expecting logs: ["violated-directive=form-action","blocked-uri=http://web-platform.test:8000/common/redirect.py?location=http://www1.web-platform.test:8000/content-security-policy/support/postmessage-fail.html","TEST COMPLETE"\]]
|
||||
expected: FAIL
|
||||
|
||||
[form-action-src-redirect-blocked]
|
||||
expected: FAIL
|
|
@ -0,0 +1,4 @@
|
|||
[frame-ancestors-from-serviceworker.https.html]
|
||||
expected: ERROR
|
||||
[A 'frame-ancestors' CSP directive set from a serviceworker response with a value 'none' should block rendering.]
|
||||
expected: NOTRUN
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-cross-in-cross-none-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-cross-in-cross-self-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a value 'self' should block render in same-origin nested frames.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-cross-in-cross-url-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-same-in-cross-none-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-same-in-cross-self-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a value 'self' should block render in same-origin nested frames.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-same-in-cross-url-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-same-in-same-none-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-nested-same-in-same-url-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: FAIL
|
3
tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
vendored
Normal file
3
tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-none-block.html]
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-overrides-xfo.html]
|
||||
[A 'frame-ancestors' CSP directive overrides an 'x-frame-options' header which would allow the page.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-ancestors-path-ignored.window.html]
|
||||
[A 'frame-ancestors' CSP directive with a URL that includes a path should be ignored.]
|
||||
expected: FAIL
|
3
tests/wpt/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
vendored
Normal file
3
tests/wpt/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
[report-blocked-frame.sub.html]
|
||||
[Violation report status OK.]
|
||||
expected: FAIL
|
3
tests/wpt/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
vendored
Normal file
3
tests/wpt/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,3 @@
|
|||
[report-only-frame.sub.html]
|
||||
[Violation report status OK.]
|
||||
expected: FAIL
|
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[frame-src-blocked.sub.html]
|
||||
expected: ERROR
|
||||
[Expecting logs: ["PASS IFrame #1 generated a load event.","violated-directive=frame-src"\]]
|
||||
expected: FAIL
|
|
@ -0,0 +1,3 @@
|
|||
[frame-src-cross-origin-same-document-navigation.window.html]
|
||||
[frame-src-cross-origin-same-document-navigation]
|
||||
expected: FAIL
|
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[frame-src-redirect.html]
|
||||
expected: TIMEOUT
|
||||
[Redirected iframe src should evaluate both enforced and report-only policies on both original request and when following redirect]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document-meta.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document-meta.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[frame-src-same-document-meta.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Same-document navigations in an iframe blocked by CSP frame-src dynamically using the <meta> tag]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[frame-src-same-document.sub.html]
|
||||
expected: TIMEOUT
|
||||
[Same-document navigation in an iframe blocked by CSP frame-src]
|
||||
expected: TIMEOUT
|
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
vendored
Normal file
4
tests/wpt/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
vendored
Normal file
|
@ -0,0 +1,4 @@
|
|||
[frame-src-self-unique-origin.html]
|
||||
expected: TIMEOUT
|
||||
[Iframe's url must not match with 'self'. It must be blocked.]
|
||||
expected: TIMEOUT
|
15
tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.http.html.ini
vendored
Normal file
15
tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.http.html.ini
vendored
Normal file
|
@ -0,0 +1,15 @@
|
|||
[script-tag.http.html]
|
||||
[Content Security Policy: Expects blocked for script-tag to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to same-http origin and swap-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
15
tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.https.html.ini
vendored
Normal file
15
tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.https.html.ini
vendored
Normal file
|
@ -0,0 +1,15 @@
|
|||
[script-tag.https.html]
|
||||
[Content Security Policy: Expects blocked for script-tag to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for script-tag to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-classic.http.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-classic.https.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import-data.http.html]
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import.http.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import.https.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-module.http.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-module.https.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import-data.http.html]
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import.http.html]
|
||||
[Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import.https.html]
|
||||
[Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-animation-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-animation.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-audio-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-audio.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-layout-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-layout.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-paint-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-paint.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-classic.http.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-classic.https.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import-data.http.html]
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import.http.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-http origin and swap-origin redirection from http context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[sharedworker-import.https.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-import to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-module.http.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,6 @@
|
|||
[sharedworker-module.https.html]
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import-data.http.html]
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import.http.html]
|
||||
[Content Security Policy: Expects allowed for worker-import to cross-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to cross-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to cross-http origin and swap-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-http origin and swap-origin redirection from http context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worker-import.https.html]
|
||||
[Content Security Policy: Expects allowed for worker-import to cross-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to cross-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to cross-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worker-import to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-animation-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-animation.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-audio-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-audio.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-layout-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-layout.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-paint-import-data.https.html]
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
|
@ -0,0 +1,18 @@
|
|||
[worklet-paint.https.html]
|
||||
[Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
|
||||
expected: FAIL
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue