diff --git a/tests/wpt/include.ini b/tests/wpt/include.ini
index b806365a66c..516c2fc79ea 100644
--- a/tests/wpt/include.ini
+++ b/tests/wpt/include.ini
@@ -12,18 +12,7 @@ skip: true
   [samesite]
     skip: true
 [content-security-policy]
-  [child-src]
-    skip: false
-  [connect-src]
-    skip: false
-  [default-src]
-    skip: false
-  [securitypolicyviolation]
-    skip: false
-  [unsafe-eval]
-    skip: false
-  [wasm-unsafe-eval]
-    skip: false
+  skip: false
 [cors]
   skip: false
 [css]
diff --git a/tests/wpt/meta/content-security-policy/base-uri/base-uri-deny-url-encoded-host.sub.html.ini b/tests/wpt/meta/content-security-policy/base-uri/base-uri-deny-url-encoded-host.sub.html.ini
new file mode 100644
index 00000000000..89c53bc50ce
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/base-uri/base-uri-deny-url-encoded-host.sub.html.ini
@@ -0,0 +1,7 @@
+[base-uri-deny-url-encoded-host.sub.html]
+  expected: TIMEOUT
+  [Check that baseURI fires a securitypolicyviolation event when it does not match the csp directive due to a url encoded host character.]
+    expected: NOTRUN
+
+  [Check that the baseURI is not set when it does not match the csp directive]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/base-uri/base-uri-deny.sub.html.ini b/tests/wpt/meta/content-security-policy/base-uri/base-uri-deny.sub.html.ini
new file mode 100644
index 00000000000..0968c7cad44
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/base-uri/base-uri-deny.sub.html.ini
@@ -0,0 +1,7 @@
+[base-uri-deny.sub.html]
+  expected: TIMEOUT
+  [Check that baseURI fires a securitypolicyviolation event when it does not match the csp directive]
+    expected: NOTRUN
+
+  [Check that the baseURI is not set when it does not match the csp directive]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/base-uri/base-uri_iframe_sandbox.sub.html.ini b/tests/wpt/meta/content-security-policy/base-uri/base-uri_iframe_sandbox.sub.html.ini
new file mode 100644
index 00000000000..8a286ec5b93
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/base-uri/base-uri_iframe_sandbox.sub.html.ini
@@ -0,0 +1,7 @@
+[base-uri_iframe_sandbox.sub.html]
+  expected: TIMEOUT
+  [base-uri 'self' works with same-origin sandboxed iframes.]
+    expected: TIMEOUT
+
+  [base-uri 'self' blocks foreign-origin sandboxed iframes.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/base-uri/report-uri-does-not-respect-base-uri.sub.html.ini b/tests/wpt/meta/content-security-policy/base-uri/report-uri-does-not-respect-base-uri.sub.html.ini
new file mode 100644
index 00000000000..e2f1b5fea4b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/base-uri/report-uri-does-not-respect-base-uri.sub.html.ini
@@ -0,0 +1,10 @@
+[report-uri-does-not-respect-base-uri.sub.html]
+  expected: TIMEOUT
+  [Test that image does not load]
+    expected: NOTRUN
+
+  [Event is fired]
+    expected: TIMEOUT
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/blob/blob-urls-do-not-match-self.sub.html.ini b/tests/wpt/meta/content-security-policy/blob/blob-urls-do-not-match-self.sub.html.ini
new file mode 100644
index 00000000000..7c4537daa5a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/blob/blob-urls-do-not-match-self.sub.html.ini
@@ -0,0 +1,6 @@
+[blob-urls-do-not-match-self.sub.html]
+  [Expecting logs: ["violated-directive=script-src-elem"\]]
+    expected: FAIL
+
+  [blob-urls-do-not-match-self]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini b/tests/wpt/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
new file mode 100644
index 00000000000..07526d1f79e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
@@ -0,0 +1,9 @@
+[self-doesnt-match-blob.sub.html]
+  [Expecting logs: ["violated-directive=worker-src","TEST COMPLETE"\]]
+    expected: FAIL
+
+  [worker-connect-src-blocked]
+    expected: FAIL
+
+  [worker-connect-src-blocked 1]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini b/tests/wpt/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
new file mode 100644
index 00000000000..179a42c0c69
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
@@ -0,0 +1,3 @@
+[star-doesnt-match-blob.sub.html]
+  [Expecting logs: ["violated-directive=worker-src","TEST COMPLETE"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
new file mode 100644
index 00000000000..3cf8d56a5d6
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
@@ -0,0 +1,25 @@
+[allow_csp_from-header.html]
+  expected: TIMEOUT
+  [Same origin iframes with an empty Allow-CSP-From header get blocked.]
+    expected: FAIL
+
+  [Same origin iframes without Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Same origin iframes are blocked if Allow-CSP-From does not match origin.]
+    expected: FAIL
+
+  [Cross origin iframe with an empty Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Cross origin iframe without Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Iframe with improper Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Star Allow-CSP-From header enforces EmbeddingCSP.]
+    expected: TIMEOUT
+
+  [Allow-CSP-From header enforces EmbeddingCSP.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/blocked-iframe-are-cross-origin.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/blocked-iframe-are-cross-origin.html.ini
new file mode 100644
index 00000000000..31c147a6ece
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/blocked-iframe-are-cross-origin.html.ini
@@ -0,0 +1,6 @@
+[blocked-iframe-are-cross-origin.html]
+  [Document blocked by embedded enforcement and its parent are cross-origin]
+    expected: FAIL
+
+  [Two same-origin iframes must appear as cross-origin when one is blocked]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/change-csp-attribute-and-history-navigation.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/change-csp-attribute-and-history-navigation.html.ini
new file mode 100644
index 00000000000..c8205878128
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/change-csp-attribute-and-history-navigation.html.ini
@@ -0,0 +1,6 @@
+[change-csp-attribute-and-history-navigation.html]
+  [Iframe csp attribute changed before history navigation of local scheme.]
+    expected: FAIL
+
+  [Iframe csp attribute changed before history navigation of network scheme.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
new file mode 100644
index 00000000000..551c76a0058
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
@@ -0,0 +1,6 @@
+[idlharness.window.html]
+  [HTMLIFrameElement interface: attribute csp]
+    expected: FAIL
+
+  [HTMLIFrameElement interface: document.createElement("iframe") must inherit property "csp" with the proper type]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
new file mode 100644
index 00000000000..000df37abc1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
@@ -0,0 +1,12 @@
+[iframe-csp-attribute.html]
+  [<iframe> has a 'csp' attibute which is an empty string if undefined.]
+    expected: FAIL
+
+  [<iframe>'s csp attribute is always a string.]
+    expected: FAIL
+
+  [<iframe>'s 'csp content attribute reflects the IDL attribute.]
+    expected: FAIL
+
+  [<iframe>'s IDL attribute reflects the DOM attribute.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
new file mode 100644
index 00000000000..19ac0a5a7e6
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
@@ -0,0 +1,27 @@
+[required-csp-header-cascade.html]
+  [Test same origin: Test same policy for both iframes]
+    expected: FAIL
+
+  [Test same origin: Test more restrictive policy on second iframe]
+    expected: FAIL
+
+  [Test same origin: Test less restrictive policy on second iframe]
+    expected: FAIL
+
+  [Test same origin: Test no policy on second iframe]
+    expected: FAIL
+
+  [Test same origin: Test no policy on first iframe]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on first iframe (bad directive name)]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on first iframe (report directive)]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on second iframe (bad directive name)]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on second iframe (report directive)]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
new file mode 100644
index 00000000000..784d7df63b8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
@@ -0,0 +1,141 @@
+[required_csp-header.html]
+  [Test Required-CSP value on `csp` change: Sec-Required-CSP is not sent if `csp` attribute is not set on <iframe>.]
+    expected: FAIL
+
+  [Test same origin: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test same origin redirect: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test cross origin redirect: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test same origin: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test same origin redirect: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test cross origin redirect: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
+    expected: FAIL
+
+  [Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
+    expected: FAIL
+
+  [Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - gibberish csp]
+    expected: FAIL
+
+  [Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
+    expected: FAIL
+
+  [Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
+    expected: FAIL
+
+  [Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name]
+    expected: FAIL
+
+  [Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
+    expected: FAIL
+
+  [Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
+    expected: FAIL
+
+  [Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
+    expected: FAIL
+
+  [Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
+    expected: FAIL
+
+  [Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
+    expected: FAIL
+
+  [Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - misspeled 'none']
+    expected: FAIL
+
+  [Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
+    expected: FAIL
+
+  [Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
+    expected: FAIL
+
+  [Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - query values in path]
+    expected: FAIL
+
+  [Test same origin: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
+    expected: FAIL
+
+  [Test same origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
+    expected: FAIL
+
+  [Test cross origin redirect: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong but allowed value of `csp` should still trigger sending Sec-Required-CSP Header - missing semicolon]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - comma separated]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - invalid characters in directive names]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - invalid character in directive name]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - report-uri present]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong and dangerous value of `csp` should not trigger sending Sec-Required-CSP Header - report-to present]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Sec-Required-CSP is not sent if `csp` attribute is longer than 4096 bytes]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini
new file mode 100644
index 00000000000..17be9612c26
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini
@@ -0,0 +1,21 @@
+[subsumption_algorithm-general.html]
+  [Iframe with empty returned CSP should be blocked.]
+    expected: FAIL
+
+  [Iframe with less restricting CSP should be blocked.]
+    expected: FAIL
+
+  [Iframe with a different CSP should be blocked.]
+    expected: FAIL
+
+  [Host wildcard *.a.com does not match a.com]
+    expected: FAIL
+
+  [Iframe should block if intersection allows sources which are not in required_csp.]
+    expected: FAIL
+
+  [Iframe should block if intersection allows sources which are not in required_csp (other ordering).]
+    expected: FAIL
+
+  [Removed plugin-types directive should be ignored 3.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini
new file mode 100644
index 00000000000..52a06599411
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini
@@ -0,0 +1,18 @@
+[subsumption_algorithm-hashes.html]
+  [Returned should not include hashes not present in required csp.]
+    expected: FAIL
+
+  [Hashes do not have to be present in returned csp but must not allow all inline behavior.]
+    expected: FAIL
+
+  [Other expressions have to be subsumed.]
+    expected: FAIL
+
+  [Required csp must allow 'sha256-abc123'.]
+    expected: FAIL
+
+  [Effective policy is properly found where 'sha256-abc123' is not subsumed.]
+    expected: FAIL
+
+  ['sha256-abc123' is not subsumed by 'sha256-abc456'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini
new file mode 100644
index 00000000000..d45034b98bb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini
@@ -0,0 +1,12 @@
+[subsumption_algorithm-host_sources-hosts.html]
+  [Host must match.]
+    expected: FAIL
+
+  [Hosts without wildcards must match.]
+    expected: FAIL
+
+  [More specific subdomain should not match.]
+    expected: FAIL
+
+  [Specified host should not match a wildcard host.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini
new file mode 100644
index 00000000000..a209654a16a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini
@@ -0,0 +1,9 @@
+[subsumption_algorithm-host_sources-paths.html]
+  [Returned CSP must specify a path.]
+    expected: FAIL
+
+  [Empty path is not subsumed by specified paths.]
+    expected: FAIL
+
+  [That should not be true when required csp specifies a specific page.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini
new file mode 100644
index 00000000000..71eee1cc3a6
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini
@@ -0,0 +1,12 @@
+[subsumption_algorithm-host_sources-ports.html]
+  [Specified ports must match.]
+    expected: FAIL
+
+  [Returned CSP should be subsumed if the port is specified but is not default for a more secure scheme.]
+    expected: FAIL
+
+  [Wildcard port should not be subsumed by a default port.]
+    expected: FAIL
+
+  [Wildcard port should not be subsumed by a spcified port.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini
new file mode 100644
index 00000000000..7667e7f2f15
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini
@@ -0,0 +1,12 @@
+[subsumption_algorithm-host_sources-protocols.html]
+  [`https` is more restrictive than `http`.]
+    expected: FAIL
+
+  [`http:` does not subsume other protocols.]
+    expected: FAIL
+
+  [If scheme source is present in returned csp, it must be specified in required csp too.]
+    expected: FAIL
+
+  [All scheme sources must be subsumed.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-nonces.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-nonces.html.ini
new file mode 100644
index 00000000000..beac34a684b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-nonces.html.ini
@@ -0,0 +1,9 @@
+[subsumption_algorithm-nonces.html]
+  [A nonce has to be returned if required by the embedder.]
+    expected: FAIL
+
+  [Nonce intersection is still done on exact match - matching nonces.]
+    expected: FAIL
+
+  [Other expressions still have to be subsumed - negative test]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
new file mode 100644
index 00000000000..32ef4ddd0df
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
@@ -0,0 +1,21 @@
+[subsumption_algorithm-none.html]
+  [Required policy that allows `none` does not subsume empty list of policies.]
+    expected: FAIL
+
+  [Required csp with effective `none` does not subsume a host source expression.]
+    expected: FAIL
+
+  [Required csp with `none` does not subsume a host source expression.]
+    expected: FAIL
+
+  [Required csp with effective `none` does not subsume `none` of another directive.]
+    expected: FAIL
+
+  [Required csp with `none` does not subsume `none` of another directive.]
+    expected: FAIL
+
+  [Required csp with `none` does not subsume `none` of different directives.]
+    expected: FAIL
+
+  [Both required and returned csp are `none` for only one directive.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini
new file mode 100644
index 00000000000..6fc6208a3db
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini
@@ -0,0 +1,6 @@
+[subsumption_algorithm-self.html]
+  [Returned CSP must not allow 'self' if required CSP does not.]
+    expected: FAIL
+
+  [Returned 'self' should not be subsumed by a more secure version of origin's url.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-source_list-wildcards.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-source_list-wildcards.html.ini
new file mode 100644
index 00000000000..bb05e009d9e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-source_list-wildcards.html.ini
@@ -0,0 +1,45 @@
+[subsumption_algorithm-source_list-wildcards.html]
+  [Wildcard does not subsume empty list.]
+    expected: FAIL
+
+  [Empty source list does not subsume a wildcard source list.]
+    expected: FAIL
+
+  ['none' does not subsume a wildcard source list.]
+    expected: FAIL
+
+  [Wildcard source list does not subsume `data:` scheme source expression.]
+    expected: FAIL
+
+  [Wildcard source list does not subsume `blob:` scheme source expression.]
+    expected: FAIL
+
+  [Source expressions do not subsume effective nonce expressions.]
+    expected: FAIL
+
+  [Wildcard source list is not subsumed by a host expression.]
+    expected: FAIL
+
+  [Wildcard list with keywords is not subsumed by a wildcard list.]
+    expected: FAIL
+
+  [Wildcard list with 'unsafe-hashes' is not subsumed by a wildcard list.]
+    expected: FAIL
+
+  [Wildcard list with 'unsafe-inline' is not subsumed by a wildcard list.]
+    expected: FAIL
+
+  [Wildcard list with 'unsafe-eval' is not subsumed by a wildcard list.]
+    expected: FAIL
+
+  [Wildcard list with 'unsafe-eval' is not subsumed by list with a single expression.]
+    expected: FAIL
+
+  [The same as above but for 'unsafe-inline'.]
+    expected: FAIL
+
+  [`data:` is not subsumed by a wildcard list.]
+    expected: FAIL
+
+  [`blob:` is not subsumed by a wildcard list.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini
new file mode 100644
index 00000000000..1ac21eb5c3f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini
@@ -0,0 +1,9 @@
+[subsumption_algorithm-strict_dynamic.html]
+  ['strict-dynamic' is effective only for `script-src`.]
+    expected: FAIL
+
+  ['strict-dynamic' is properly handled for finding effective policy.]
+    expected: FAIL
+
+  ['strict-dynamic' has to be allowed by required csp if it is present in returned csp.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini
new file mode 100644
index 00000000000..e5f8147c981
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini
@@ -0,0 +1,12 @@
+[subsumption_algorithm-unsafe_eval.html]
+  [No other keyword has the same effect as 'unsafe-eval'.]
+    expected: FAIL
+
+  [Other expressions have to be subsumed.]
+    expected: FAIL
+
+  [Required csp must allow 'unsafe-eval'.]
+    expected: FAIL
+
+  [Effective policy is properly found where 'unsafe-eval' is not subsumed.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini
new file mode 100644
index 00000000000..be8fe1e17a1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini
@@ -0,0 +1,12 @@
+[subsumption_algorithm-unsafe_hashes.html]
+  [No other keyword has the same effect as 'unsafe-hashes'.]
+    expected: FAIL
+
+  [Other expressions have to be subsumed.]
+    expected: FAIL
+
+  [Required csp must allow 'unsafe-hashes'.]
+    expected: FAIL
+
+  [Effective policy is properly found where 'unsafe-hashes' is not subsumed.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini
new file mode 100644
index 00000000000..7921da71005
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini
@@ -0,0 +1,18 @@
+[subsumption_algorithm-unsafe_inline.html?9-last]
+  [Required csp allows `strict-dynamic`, but retuned csp does.]
+    expected: FAIL
+
+  [Required csp does not allow `unsafe-inline`, but retuned csp does.]
+    expected: FAIL
+
+  [Returned csp allows a nonce.]
+    expected: FAIL
+
+  [Returned csp allows a hash.]
+    expected: FAIL
+
+  [Effective returned csp allows 'unsafe-inline']
+    expected: FAIL
+
+
+[subsumption_algorithm-unsafe_inline.html?1-8]
diff --git a/tests/wpt/meta/content-security-policy/font-src/font-match-allowed.sub.html.ini b/tests/wpt/meta/content-security-policy/font-src/font-match-allowed.sub.html.ini
new file mode 100644
index 00000000000..6c90dc5033b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/font-src/font-match-allowed.sub.html.ini
@@ -0,0 +1,4 @@
+[font-match-allowed.sub.html]
+  expected: TIMEOUT
+  [Test font loads if it matches font-src.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/font-src/font-mismatch-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/font-src/font-mismatch-blocked.sub.html.ini
new file mode 100644
index 00000000000..39efa2c9cb2
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/font-src/font-mismatch-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[font-mismatch-blocked.sub.html]
+  expected: TIMEOUT
+  [Test font does not load if it does not match font-src.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/font-src/font-none-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/font-src/font-none-blocked.sub.html.ini
new file mode 100644
index 00000000000..911f745bb2c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/font-src/font-none-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[font-none-blocked.sub.html]
+  expected: TIMEOUT
+  [Test font does not load if it does not match font-src.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/font-src/font-self-allowed.html.ini b/tests/wpt/meta/content-security-policy/font-src/font-self-allowed.html.ini
new file mode 100644
index 00000000000..3f0903770c4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/font-src/font-self-allowed.html.ini
@@ -0,0 +1,4 @@
+[font-self-allowed.html]
+  expected: TIMEOUT
+  [Test font loads if it matches font-src.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
new file mode 100644
index 00000000000..a58c79c1fe9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[font-stylesheet-font-blocked.sub.html]
+  expected: TIMEOUT
+  [Test font does not load if it does not match font-src.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
new file mode 100644
index 00000000000..3e19126dc82
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
@@ -0,0 +1,6 @@
+[form-action-src-blocked.sub.html]
+  [Expecting logs: ["violated-directive=form-action","TEST COMPLETE"\]]
+    expected: FAIL
+
+  [form-action-src-blocked]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
new file mode 100644
index 00000000000..6bfb5c7b2d2
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-get-blocked.sub.html]
+  [Expecting logs: ["violated-directive=form-action","TEST COMPLETE"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini
new file mode 100644
index 00000000000..0c3b09b5436
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-javascript-blocked.sub.html]
+  [Expecting logs: ["violated-directive=form-action","TEST COMPLETE"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini
new file mode 100644
index 00000000000..991d6bf5ce2
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini
@@ -0,0 +1,6 @@
+[form-action-src-redirect-blocked.sub.html]
+  [Expecting logs: ["violated-directive=form-action","blocked-uri=http://web-platform.test:8000/common/redirect.py?location=http://www1.web-platform.test:8000/content-security-policy/support/postmessage-fail.html","TEST COMPLETE"\]]
+    expected: FAIL
+
+  [form-action-src-redirect-blocked]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini
new file mode 100644
index 00000000000..f4abd9c7f54
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini
@@ -0,0 +1,4 @@
+[frame-ancestors-from-serviceworker.https.html]
+  expected: ERROR
+  [A 'frame-ancestors' CSP directive set from a serviceworker response with a value 'none' should block rendering.]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini
new file mode 100644
index 00000000000..85197986fba
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-cross-none-block.html]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini
new file mode 100644
index 00000000000..05706b70fde
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-cross-self-block.html]
+  [A 'frame-ancestors' CSP directive with a value 'self' should block render in same-origin nested frames.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini
new file mode 100644
index 00000000000..4c8783ec9cb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-cross-url-block.html]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini
new file mode 100644
index 00000000000..e62d12e8b11
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-cross-none-block.html]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini
new file mode 100644
index 00000000000..2cac8df4a5c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-cross-self-block.html]
+  [A 'frame-ancestors' CSP directive with a value 'self' should block render in same-origin nested frames.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini
new file mode 100644
index 00000000000..b8055da2147
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-cross-url-block.html]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini
new file mode 100644
index 00000000000..17b0cc814fe
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-same-none-block.html]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini
new file mode 100644
index 00000000000..39bc42ba8f4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-same-url-block.html]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
new file mode 100644
index 00000000000..8d64bd37513
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-none-block.html]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini
new file mode 100644
index 00000000000..2bdb212bde7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-overrides-xfo.html]
+  [A 'frame-ancestors' CSP directive overrides an 'x-frame-options' header which would allow the page.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-path-ignored.window.js.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-path-ignored.window.js.ini
new file mode 100644
index 00000000000..493d04ea590
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/frame-ancestors-path-ignored.window.js.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-path-ignored.window.html]
+  [A 'frame-ancestors' CSP directive with a URL that includes a path should be ignored.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
new file mode 100644
index 00000000000..87668edee55
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-frame.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini b/tests/wpt/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
new file mode 100644
index 00000000000..452f2bda704
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
@@ -0,0 +1,3 @@
+[report-only-frame.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
new file mode 100644
index 00000000000..0ba5c4c9773
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[frame-src-blocked.sub.html]
+  expected: ERROR
+  [Expecting logs: ["PASS IFrame #1 generated a load event.","violated-directive=frame-src"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
new file mode 100644
index 00000000000..84d3f383610
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
@@ -0,0 +1,3 @@
+[frame-src-cross-origin-same-document-navigation.window.html]
+  [frame-src-cross-origin-same-document-navigation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-redirect.html.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
new file mode 100644
index 00000000000..d9e7e433022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
@@ -0,0 +1,4 @@
+[frame-src-redirect.html]
+  expected: TIMEOUT
+  [Redirected iframe src should evaluate both enforced and report-only policies on both original request and when following redirect]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document-meta.sub.html.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document-meta.sub.html.ini
new file mode 100644
index 00000000000..76c2310e18b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document-meta.sub.html.ini
@@ -0,0 +1,4 @@
+[frame-src-same-document-meta.sub.html]
+  expected: TIMEOUT
+  [Same-document navigations in an iframe blocked by CSP frame-src dynamically using the <meta> tag]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
new file mode 100644
index 00000000000..5dfedaaf046
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
@@ -0,0 +1,4 @@
+[frame-src-same-document.sub.html]
+  expected: TIMEOUT
+  [Same-document navigation in an iframe blocked by CSP frame-src]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini b/tests/wpt/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
new file mode 100644
index 00000000000..3f276fa4eb9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
@@ -0,0 +1,4 @@
+[frame-src-self-unique-origin.html]
+  expected: TIMEOUT
+  [Iframe's url must not match with 'self'. It must be blocked.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.http.html.ini
new file mode 100644
index 00000000000..e29f4dd5d4e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.http.html.ini
@@ -0,0 +1,15 @@
+[script-tag.http.html]
+  [Content Security Policy: Expects blocked for script-tag to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.https.html.ini
new file mode 100644
index 00000000000..bbe30519d0b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/script-tag.https.html.ini
@@ -0,0 +1,15 @@
+[script-tag.https.html]
+  [Content Security Policy: Expects blocked for script-tag to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..bea121921e7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..8b4f9913c21
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini
new file mode 100644
index 00000000000..608c98d386b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini
new file mode 100644
index 00000000000..527cfd1eaa1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..0047e9e5edb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..56956467bb0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..6eece95fb56
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..69622b1f718
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..94e74056e3b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..86dcbe91c71
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..d79d620f445
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..90d3d6df098
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..6f6c214ac7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..3c993624663
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 00000000000..7a5623c4d4d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 00000000000..0def7660cac
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..0047e9e5edb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..6eece95fb56
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..94e74056e3b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..d79d620f445
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..3b5bbab1be5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..72b96f1fe61
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..13c98c21e61
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..25d301db524
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..cd374fee28e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-module to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-module to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..9ba93182139
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-module to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-module to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini
new file mode 100644
index 00000000000..7946a0b6e4b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini
@@ -0,0 +1,12 @@
+[worker-classic.http.html]
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini
new file mode 100644
index 00000000000..012a8eeea7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini
@@ -0,0 +1,12 @@
+[worker-classic.https.html]
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini
new file mode 100644
index 00000000000..de8aee6d0d9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini
new file mode 100644
index 00000000000..083522812e5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini
new file mode 100644
index 00000000000..bf1fa59e575
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini
@@ -0,0 +1,12 @@
+[worker-module.http.html]
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini
new file mode 100644
index 00000000000..7c40dc70953
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini
@@ -0,0 +1,12 @@
+[worker-module.https.html]
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..d07fb3b5f35
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..852411fad1e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..e41ebb4f021
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..e808725da67
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..bea121921e7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..8b4f9913c21
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini
new file mode 100644
index 00000000000..608c98d386b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini
new file mode 100644
index 00000000000..527cfd1eaa1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..d07fb3b5f35
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..852411fad1e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..e41ebb4f021
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..e808725da67
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..6f6c214ac7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..3c993624663
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 00000000000..7a5623c4d4d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 00000000000..0def7660cac
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..d07fb3b5f35
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..852411fad1e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..e41ebb4f021
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..e808725da67
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini
new file mode 100644
index 00000000000..e29f4dd5d4e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini
@@ -0,0 +1,15 @@
+[script-tag.http.html]
+  [Content Security Policy: Expects blocked for script-tag to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.https.html.ini
new file mode 100644
index 00000000000..bbe30519d0b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.https.html.ini
@@ -0,0 +1,15 @@
+[script-tag.https.html]
+  [Content Security Policy: Expects blocked for script-tag to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for script-tag to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..bea121921e7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..8b4f9913c21
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini
new file mode 100644
index 00000000000..608c98d386b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini
new file mode 100644
index 00000000000..527cfd1eaa1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..0047e9e5edb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..56956467bb0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..6eece95fb56
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..69622b1f718
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..94e74056e3b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..86dcbe91c71
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..d79d620f445
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..90d3d6df098
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..6f6c214ac7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..3c993624663
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 00000000000..7a5623c4d4d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 00000000000..0def7660cac
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..0047e9e5edb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..6eece95fb56
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..94e74056e3b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..d79d620f445
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..3b5bbab1be5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..72b96f1fe61
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-classic to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..13c98c21e61
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..25d301db524
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..cd374fee28e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-module to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-module to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..9ba93182139
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-module to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-module to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini
new file mode 100644
index 00000000000..7946a0b6e4b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini
@@ -0,0 +1,12 @@
+[worker-classic.http.html]
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini
new file mode 100644
index 00000000000..012a8eeea7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini
@@ -0,0 +1,12 @@
+[worker-classic.https.html]
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-classic to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini
new file mode 100644
index 00000000000..de8aee6d0d9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini
new file mode 100644
index 00000000000..083522812e5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini
new file mode 100644
index 00000000000..bf1fa59e575
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini
@@ -0,0 +1,12 @@
+[worker-module.http.html]
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini
new file mode 100644
index 00000000000..7c40dc70953
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini
@@ -0,0 +1,12 @@
+[worker-module.https.html]
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-module to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..d07fb3b5f35
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..852411fad1e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..e41ebb4f021
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..e808725da67
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..bea121921e7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..8b4f9913c21
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini
new file mode 100644
index 00000000000..608c98d386b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini
new file mode 100644
index 00000000000..527cfd1eaa1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..d07fb3b5f35
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..852411fad1e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..e41ebb4f021
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..e808725da67
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 00000000000..b3f759cfae0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 00000000000..97b882b5f1f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-classic.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-classic to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 00000000000..a45c64db259
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.http.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 00000000000..921d40badc0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import-data.https.html]
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 00000000000..6f6c214ac7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 00000000000..3c993624663
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,18 @@
+[sharedworker-import.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 00000000000..29ec5913022
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.http.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 00000000000..3f885487b53
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,6 @@
+[sharedworker-module.https.html]
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for sharedworker-module to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 00000000000..437d2f9f629
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.http.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 00000000000..7ae7249b54b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import-data.https.html]
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 00000000000..7a5623c4d4d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,18 @@
+[worker-import.http.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 00000000000..0def7660cac
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,18 @@
+[worker-import.https.html]
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 00000000000..d07fb3b5f35
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 00000000000..b86a23f746c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio-import-data.https.html.ini
new file mode 100644
index 00000000000..852411fad1e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 00000000000..ecf7af4c0b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-audio.https.html]
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-audio to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 00000000000..e41ebb4f021
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 00000000000..1faa14a5922
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 00000000000..e808725da67
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 00000000000..84130ba65d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint.https.html]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini b/tests/wpt/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini
new file mode 100644
index 00000000000..50fb992352a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini
@@ -0,0 +1,7 @@
+[304-response-should-update-csp.sub.html]
+  expected: TIMEOUT
+  [Test that the first frame does not use nonce def]
+    expected: NOTRUN
+
+  [Test that the second frame does not use nonce abc]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/directive-name-case-insensitive.sub.html.ini b/tests/wpt/meta/content-security-policy/generic/directive-name-case-insensitive.sub.html.ini
new file mode 100644
index 00000000000..aa4b88c3d75
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/directive-name-case-insensitive.sub.html.ini
@@ -0,0 +1,7 @@
+[directive-name-case-insensitive.sub.html]
+  expected: TIMEOUT
+  [Test that the www2 image is not allowed to load]
+    expected: FAIL
+
+  [Test that the www2 image throws a violation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini b/tests/wpt/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini
new file mode 100644
index 00000000000..774fece4edc
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini
@@ -0,0 +1,7 @@
+[filesystem-urls-do-not-match-self.sub.html]
+  expected: TIMEOUT
+  [Expecting logs: ["violated-directive=script-src-elem"\]]
+    expected: NOTRUN
+
+  [filesystem-urls-do-not-match-self]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini b/tests/wpt/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini
new file mode 100644
index 00000000000..1dddfa6bc6a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini
@@ -0,0 +1,3 @@
+[filesystem-urls-match-filesystem.sub.html]
+  [Expecting logs: ["PASS (1/1)"\]]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/generic-0_1-img-src.html.ini b/tests/wpt/meta/content-security-policy/generic/generic-0_1-img-src.html.ini
new file mode 100644
index 00000000000..b514431cf11
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/generic-0_1-img-src.html.ini
@@ -0,0 +1,7 @@
+[generic-0_1-img-src.html]
+  expected: TIMEOUT
+  [Verify cascading of default-src to img-src policy]
+    expected: FAIL
+
+  [Should fire violation events for every failed violation]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/generic-0_1-script-src.html.ini b/tests/wpt/meta/content-security-policy/generic/generic-0_1-script-src.html.ini
new file mode 100644
index 00000000000..6de5def7cb1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/generic-0_1-script-src.html.ini
@@ -0,0 +1,4 @@
+[generic-0_1-script-src.html]
+  expected: TIMEOUT
+  [Should fire violation events for every failed violation]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini b/tests/wpt/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini
new file mode 100644
index 00000000000..8bdb249874e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini
@@ -0,0 +1,4 @@
+[generic-0_10_1.sub.html]
+  expected: TIMEOUT
+  [Should fire violation events for every failed violation]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini b/tests/wpt/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini
new file mode 100644
index 00000000000..30b0d69799b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini
@@ -0,0 +1,4 @@
+[generic-0_2_2.sub.html]
+  expected: TIMEOUT
+  [Should fire violation events for every failed violation]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/generic-0_2_3.html.ini b/tests/wpt/meta/content-security-policy/generic/generic-0_2_3.html.ini
new file mode 100644
index 00000000000..31107d13421
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/generic-0_2_3.html.ini
@@ -0,0 +1,4 @@
+[generic-0_2_3.html]
+  expected: TIMEOUT
+  [Should fire violation events for every failed violation]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini b/tests/wpt/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini
new file mode 100644
index 00000000000..ccb770e00d4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini
@@ -0,0 +1,18 @@
+[invalid-characters-in-policy.html]
+  [Should not load image with 'none' CSP - meta tag]
+    expected: FAIL
+
+  [Should not load image with 'none' CSP - HTTP header]
+    expected: FAIL
+
+  [Non-ASCII character in directive value should not affect other directives. - meta tag]
+    expected: FAIL
+
+  [Non-ASCII character in directive value should not affect other directives. - HTTP header]
+    expected: FAIL
+
+  [Non-ASCII character in directive name should not affect other directives. - meta tag]
+    expected: FAIL
+
+  [Non-ASCII character in directive name should not affect other directives. - HTTP header]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/generic/only-valid-whitespaces-are-allowed.html.ini b/tests/wpt/meta/content-security-policy/generic/only-valid-whitespaces-are-allowed.html.ini
new file mode 100644
index 00000000000..ee568553b94
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/only-valid-whitespaces-are-allowed.html.ini
@@ -0,0 +1,55 @@
+[only-valid-whitespaces-are-allowed.html]
+  expected: TIMEOUT
+  [Should not load image with 'none' CSP - meta tag]
+    expected: FAIL
+
+  [Should not load image with 'none' CSP - HTTP header]
+    expected: FAIL
+
+  [U+0009 TAB   should be properly parsed between directive name and value - meta tag]
+    expected: FAIL
+
+  [U+0009 TAB   should be properly parsed between directive name and value - HTTP header]
+    expected: FAIL
+
+  [U+000C FF    should be properly parsed between directive name and value - meta tag]
+    expected: FAIL
+
+  [U+000C FF    should be properly parsed between directive name and value - HTTP header]
+    expected: TIMEOUT
+
+  [U+000A LF    should be properly parsed between directive name and value - meta tag]
+    expected: FAIL
+
+  [U+000D CR    should be properly parsed between directive name and value - meta tag]
+    expected: FAIL
+
+  [U+0020 SPACE should be properly parsed between directive name and value - meta tag]
+    expected: FAIL
+
+  [U+0020 SPACE should be properly parsed between directive name and value - HTTP header]
+    expected: FAIL
+
+  [U+0009 TAB   should be properly parsed inside directive value - meta tag]
+    expected: FAIL
+
+  [U+0009 TAB   should be properly parsed inside directive value - HTTP header]
+    expected: FAIL
+
+  [U+000C FF    should be properly parsed inside directive value - meta tag]
+    expected: FAIL
+
+  [U+000C FF    should be properly parsed inside directive value - HTTP header]
+    expected: TIMEOUT
+
+  [U+000A LF    should be properly parsed inside directive value - meta tag]
+    expected: FAIL
+
+  [U+000D CR    should be properly parsed inside directive value - meta tag]
+    expected: FAIL
+
+  [U+0020 SPACE should be properly parsed inside directive value - meta tag]
+    expected: FAIL
+
+  [U+0020 SPACE should be properly parsed inside directive value - HTTP header]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini b/tests/wpt/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini
new file mode 100644
index 00000000000..97fc185b7ba
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini
@@ -0,0 +1,7 @@
+[policy-inherited-correctly-by-plznavigate.html]
+  expected: ERROR
+  [iframe still inherits correct CSP]
+    expected: NOTRUN
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini b/tests/wpt/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini
new file mode 100644
index 00000000000..d96ded74d88
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini
@@ -0,0 +1,14 @@
+[src-trailing-dot.sub.any.serviceworker.html]
+  expected: ERROR
+
+[src-trailing-dot.sub.any.sharedworker.html]
+  expected: ERROR
+
+[src-trailing-dot.sub.any.html]
+  [Fetch from host with trailing dot should be allowed by CSP.]
+    expected: FAIL
+
+
+[src-trailing-dot.sub.any.worker.html]
+  [Fetch from host with trailing dot should be allowed by CSP.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/img-src/css-filter-blocked.tentative.html.ini b/tests/wpt/meta/content-security-policy/img-src/css-filter-blocked.tentative.html.ini
new file mode 100644
index 00000000000..204e15a4b4a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/css-filter-blocked.tentative.html.ini
@@ -0,0 +1,4 @@
+[css-filter-blocked.tentative.html]
+  expected: TIMEOUT
+  [Blocked CSS filter: SVG]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/img-src/icon-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/img-src/icon-blocked.sub.html.ini
new file mode 100644
index 00000000000..1ed665f5245
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/icon-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[icon-blocked.sub.html]
+  expected: TIMEOUT
+  [Test that spv event is fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/img-src/img-src-full-host-wildcard-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/img-src/img-src-full-host-wildcard-blocked.sub.html.ini
new file mode 100644
index 00000000000..9d834d05fe1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/img-src-full-host-wildcard-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[img-src-full-host-wildcard-blocked.sub.html]
+  [img src does not match full host and wildcard csp directive]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/img-src/img-src-none-blocks-data-uri.html.ini b/tests/wpt/meta/content-security-policy/img-src/img-src-none-blocks-data-uri.html.ini
new file mode 100644
index 00000000000..ad739afc5b9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/img-src-none-blocks-data-uri.html.ini
@@ -0,0 +1,3 @@
+[img-src-none-blocks-data-uri.html]
+  [img-src with 'none' source should not match]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/img-src/img-src-none-blocks.html.ini b/tests/wpt/meta/content-security-policy/img-src/img-src-none-blocks.html.ini
new file mode 100644
index 00000000000..32e84a94fd9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/img-src-none-blocks.html.ini
@@ -0,0 +1,3 @@
+[img-src-none-blocks.html]
+  [img-src with 'none' source should not match]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini b/tests/wpt/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini
new file mode 100644
index 00000000000..f5ccd49ccee
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini
@@ -0,0 +1,4 @@
+[img-src-self-unique-origin.html]
+  expected: TIMEOUT
+  [Image's url must not match with 'self'. Image must be blocked.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini b/tests/wpt/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini
new file mode 100644
index 00000000000..b0430f92595
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-data-uri.sub.html]
+  [Expecting logs: ["violated-directive=img-src"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/img-src/svg-use-blocked.tentative.html.ini b/tests/wpt/meta/content-security-policy/img-src/svg-use-blocked.tentative.html.ini
new file mode 100644
index 00000000000..3ba99de903a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/img-src/svg-use-blocked.tentative.html.ini
@@ -0,0 +1,4 @@
+[svg-use-blocked.tentative.html]
+  expected: TIMEOUT
+  [Blocked SVG <use> element]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/inheritance/blob-url-in-child-frame-self-navigate-inherits.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/blob-url-in-child-frame-self-navigate-inherits.sub.html.ini
new file mode 100644
index 00000000000..25062b63645
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/blob-url-in-child-frame-self-navigate-inherits.sub.html.ini
@@ -0,0 +1,3 @@
+[blob-url-in-child-frame-self-navigate-inherits.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini
new file mode 100644
index 00000000000..948eea2bac2
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini
@@ -0,0 +1,3 @@
+[blob-url-in-main-window-self-navigate-inherits.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/blob-url-inherits-from-initiator.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/blob-url-inherits-from-initiator.sub.html.ini
new file mode 100644
index 00000000000..9385f4e6025
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/blob-url-inherits-from-initiator.sub.html.ini
@@ -0,0 +1,7 @@
+[blob-url-inherits-from-initiator.sub.html]
+  expected: TIMEOUT
+  [Initiator is same-origin with target frame.]
+    expected: TIMEOUT
+
+  [Initiator is cross-origin with target frame.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/inheritance/document-write-iframe.html.ini b/tests/wpt/meta/content-security-policy/inheritance/document-write-iframe.html.ini
new file mode 100644
index 00000000000..d93be0d40ea
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/document-write-iframe.html.ini
@@ -0,0 +1,3 @@
+[document-write-iframe.html]
+  [document.open() keeps inherited CSPs on empty iframe.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini b/tests/wpt/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini
new file mode 100644
index 00000000000..630c7204927
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini
@@ -0,0 +1,4 @@
+[frame-src-javascript-url.html]
+  expected: TIMEOUT
+  [<iframe src='javascript:...'>'s inherits policy (dynamically inserted <iframe> is blocked)]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/inheritance/history-iframe.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/history-iframe.sub.html.ini
new file mode 100644
index 00000000000..d629ffef04f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/history-iframe.sub.html.ini
@@ -0,0 +1,24 @@
+[history-iframe.sub.html]
+  [History navigation in iframe: "about:blank" document is navigated back from history same-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: "about:blank" document is navigated back from history cross-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: blob URL document is navigated back from history same-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: blob URL document is navigated back from history cross-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: data URL document is navigated back from history same-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: data URL document is navigated back from history cross-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: srcdoc iframe is navigated back from history same-origin.]
+    expected: FAIL
+
+  [History navigation in iframe: srcdoc iframe is navigated back from history cross-origin.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/history.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/history.sub.html.ini
new file mode 100644
index 00000000000..c6c78131de0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/history.sub.html.ini
@@ -0,0 +1,18 @@
+[history.sub.html]
+  [History navigation: "about:blank" document is navigated back from history same-origin.]
+    expected: FAIL
+
+  [History navigation: "about:blank" document is navigated back from history cross-origin.]
+    expected: FAIL
+
+  [History navigation: blob URL document is navigated back from history same-origin.]
+    expected: FAIL
+
+  [History navigation: blob URL document is navigated back from history cross-origin.]
+    expected: FAIL
+
+  [History navigation: blob URL document is navigated back from history (without bfcache on Firefox) same-origin.]
+    expected: FAIL
+
+  [History navigation: blob URL document is navigated back from history (without bfcache on Firefox) cross-origin.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
new file mode 100644
index 00000000000..781468a1f16
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
@@ -0,0 +1,30 @@
+[iframe-all-local-schemes.sub.html]
+  [<iframe>'s about:blank inherits policy.]
+    expected: FAIL
+
+  [window about:blank inherits policy.]
+    expected: FAIL
+
+  [<iframe srcdoc>'s inherits policy.]
+    expected: FAIL
+
+  [<iframe src='blob:...'>'s inherits policy.]
+    expected: FAIL
+
+  [window url='blob:...' inherits policy.]
+    expected: FAIL
+
+  [<iframe src='data:...'>'s inherits policy.]
+    expected: FAIL
+
+  [<iframe src='javascript:...'>'s inherits policy (static <img> is blocked)]
+    expected: FAIL
+
+  [window url='javascript:...'>'s inherits policy (static <img> is blocked)]
+    expected: FAIL
+
+  [<iframe src='javascript:...'>'s inherits policy (dynamically inserted <img> is blocked)]
+    expected: FAIL
+
+  [<iframe sandbox src='blob:...'>'s inherits policy. (opaque origin sandbox)]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini b/tests/wpt/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini
new file mode 100644
index 00000000000..ae178939b32
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini
@@ -0,0 +1,4 @@
+[iframe-srcdoc-history-inheritance.html]
+  expected: TIMEOUT
+  [iframe-srcdoc-history-inheritance]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini b/tests/wpt/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini
new file mode 100644
index 00000000000..61468867d57
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini
@@ -0,0 +1,7 @@
+[iframe-srcdoc-inheritance.html]
+  expected: TIMEOUT
+  [First image should be blocked]
+    expected: FAIL
+
+  [Second image should be blocked]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini
new file mode 100644
index 00000000000..397f1e43e6f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini
@@ -0,0 +1,21 @@
+[inheritance-from-initiator.sub.html]
+  [Setting src inherits from parent.]
+    expected: FAIL
+
+  [Changing contentWindow.location inherits from who changed it.]
+    expected: FAIL
+
+  [Changing contentWindow.location indirectly inherits from who changed it directly.]
+    expected: FAIL
+
+  [window.open() inherits from caller.]
+    expected: FAIL
+
+  [Click on anchor inherits from owner of the anchor.]
+    expected: FAIL
+
+  [Form submission through submit() inherits from owner of form.]
+    expected: FAIL
+
+  [Form submission through button click inherits from owner of form.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini b/tests/wpt/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini
new file mode 100644
index 00000000000..f02921ab1b3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini
@@ -0,0 +1,7 @@
+[inherited-csp-list-modifications-are-local.html]
+  expected: TIMEOUT
+  [Test that embedded iframe document image does not load]
+    expected: FAIL
+
+  [Test that spv event is fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini b/tests/wpt/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini
new file mode 100644
index 00000000000..bf5137f7bb9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini
@@ -0,0 +1,3 @@
+[javascript-url-open-in-main-window.html]
+  [Executing Javascript URL keeps enforcing previous CSPs of the document.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini b/tests/wpt/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini
new file mode 100644
index 00000000000..ab2897917b1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini
@@ -0,0 +1,4 @@
+[javascript-url-srcdoc-cross-origin-iframe-inheritance.html]
+  expected: TIMEOUT
+  [Nested cross-origin iframe should be blocked by frame-src 'self'.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/inheritance/location-reload.html.ini b/tests/wpt/meta/content-security-policy/inheritance/location-reload.html.ini
new file mode 100644
index 00000000000..4b0c78cb0d8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/location-reload.html.ini
@@ -0,0 +1,9 @@
+[location-reload.html]
+  [location.reload() of empty iframe.]
+    expected: FAIL
+
+  [location.reload() of blob URL iframe.]
+    expected: FAIL
+
+  [location.reload() of srcdoc iframe.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/sandboxed-blob-scheme.html.ini b/tests/wpt/meta/content-security-policy/inheritance/sandboxed-blob-scheme.html.ini
new file mode 100644
index 00000000000..2d9ee4f9447
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/sandboxed-blob-scheme.html.ini
@@ -0,0 +1,3 @@
+[sandboxed-blob-scheme.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini b/tests/wpt/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini
new file mode 100644
index 00000000000..b33c47c75c7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini
@@ -0,0 +1,3 @@
+[sandboxed-data-scheme.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini b/tests/wpt/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini
new file mode 100644
index 00000000000..0fe22eefc30
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini
@@ -0,0 +1,3 @@
+[unsandboxed-blob-scheme.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini b/tests/wpt/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini
new file mode 100644
index 00000000000..cfaaf57ab3a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini
@@ -0,0 +1,3 @@
+[unsandboxed-data-scheme.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini b/tests/wpt/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini
new file mode 100644
index 00000000000..05caa33cfaf
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini
@@ -0,0 +1,6 @@
+[window-open-local-after-network-scheme.sub.html]
+  [Popup being navigated to about:blank was same-origin.]
+    expected: FAIL
+
+  [Popup being navigated to about:blank was cross-origin.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inheritance/window.html.ini b/tests/wpt/meta/content-security-policy/inheritance/window.html.ini
new file mode 100644
index 00000000000..e8f1ad8e3df
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inheritance/window.html.ini
@@ -0,0 +1,12 @@
+[window.html]
+  [window.open() inherits policy.]
+    expected: FAIL
+
+  [`document.write` into `window.open()` inherits policy.]
+    expected: FAIL
+
+  [window.open('blob:...') inherits policy.]
+    expected: FAIL
+
+  [window.open('javascript:...') inherits policy.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-connect-src.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-connect-src.html.ini
new file mode 100644
index 00000000000..9aff7028839
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-connect-src.html.ini
@@ -0,0 +1,30 @@
+[dedicatedworker-connect-src.html]
+  [Cross-origin 'fetch()' in http: with connect-src 'self']
+    expected: FAIL
+
+  [Cross-origin XHR in http: with connect-src 'self']
+    expected: FAIL
+
+  [Same-origin => cross-origin 'fetch()' in http: with connect-src 'self']
+    expected: FAIL
+
+  [WebSocket in http: with connect-src 'self']
+    expected: FAIL
+
+  [Reports match in http: with connect-src 'self']
+    expected: FAIL
+
+  [Cross-origin 'fetch()' in blob: with connect-src 'self']
+    expected: FAIL
+
+  [Cross-origin XHR in blob: with connect-src 'self']
+    expected: FAIL
+
+  [Same-origin => cross-origin 'fetch()' in blob: with connect-src 'self']
+    expected: FAIL
+
+  [WebSocket in blob: with connect-src 'self']
+    expected: FAIL
+
+  [Reports match in blob: with connect-src 'self']
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-report-only.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-report-only.html.ini
new file mode 100644
index 00000000000..cb18d19fb52
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-report-only.html.ini
@@ -0,0 +1,16 @@
+[dedicatedworker-report-only.html]
+  expected: TIMEOUT
+  [Cross-origin 'fetch()'.]
+    expected: TIMEOUT
+
+  [Cross-origin XHR.]
+    expected: NOTRUN
+
+  [Same-origin => cross-origin 'fetch()'.]
+    expected: NOTRUN
+
+  [WebSocket.]
+    expected: NOTRUN
+
+  [connect-src-self-report-only]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini
new file mode 100644
index 00000000000..a630ac3bcc1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini
@@ -0,0 +1,24 @@
+[dedicatedworker-script-src.html]
+  [Cross-origin `importScripts()` blocked in http: with script-src 'self']
+    expected: FAIL
+
+  [`eval()` blocked in http: with script-src 'self']
+    expected: FAIL
+
+  [`setTimeout([string\])` blocked in http: with script-src 'self']
+    expected: FAIL
+
+  [Reports are sent for http: with script-src 'self']
+    expected: FAIL
+
+  [Cross-origin `importScripts()` blocked in blob: with script-src 'self']
+    expected: FAIL
+
+  [`eval()` blocked in blob: with script-src 'self']
+    expected: FAIL
+
+  [`setTimeout([string\])` blocked in blob: with script-src 'self']
+    expected: FAIL
+
+  [Reports are sent for blob: with script-src 'self']
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini
new file mode 100644
index 00000000000..b86f6845ee9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini
@@ -0,0 +1,10 @@
+[serviceworker-connect-src.https.sub.html]
+  expected: TIMEOUT
+  [serviceworker-connect-src]
+    expected: TIMEOUT
+
+  [serviceworker-connect-src 1]
+    expected: NOTRUN
+
+  [serviceworker-connect-src 2]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini
new file mode 100644
index 00000000000..2c67d93c625
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini
@@ -0,0 +1,4 @@
+[serviceworker-report-only.https.sub.html]
+  expected: TIMEOUT
+  [serviceworker-report-only]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-script-src.https.sub.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-script-src.https.sub.html.ini
new file mode 100644
index 00000000000..373fd612d30
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/serviceworker-script-src.https.sub.html.ini
@@ -0,0 +1,10 @@
+[serviceworker-script-src.https.sub.html]
+  expected: TIMEOUT
+  [serviceworker-script-src]
+    expected: TIMEOUT
+
+  [serviceworker-script-src 1]
+    expected: NOTRUN
+
+  [serviceworker-script-src 2]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini
new file mode 100644
index 00000000000..3c2c692d657
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-connect-src.sub.html]
+  [sharedworker-connect-src]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini
new file mode 100644
index 00000000000..8916dff227a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini
@@ -0,0 +1,2 @@
+[sharedworker-report-only.sub.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini b/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini
new file mode 100644
index 00000000000..07c8971a6d5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-script-src.sub.html]
+  [sharedworker-script-src]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/media-src/media-src-7_1_2.sub.html.ini b/tests/wpt/meta/content-security-policy/media-src/media-src-7_1_2.sub.html.ini
new file mode 100644
index 00000000000..026c0088640
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/media-src/media-src-7_1_2.sub.html.ini
@@ -0,0 +1,7 @@
+[media-src-7_1_2.sub.html]
+  expected: TIMEOUT
+  [Disallowed async video src]
+    expected: FAIL
+
+  [Test that securitypolicyviolation events are fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/media-src/media-src-7_2_2.sub.html.ini b/tests/wpt/meta/content-security-policy/media-src/media-src-7_2_2.sub.html.ini
new file mode 100644
index 00000000000..debc367f6ea
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/media-src/media-src-7_2_2.sub.html.ini
@@ -0,0 +1,10 @@
+[media-src-7_2_2.sub.html]
+  expected: TIMEOUT
+  [Disallaowed audio src]
+    expected: FAIL
+
+  [Disallowed audio source element]
+    expected: FAIL
+
+  [Test that securitypolicyviolation events are fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini b/tests/wpt/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini
new file mode 100644
index 00000000000..25ba27cd1b7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini
@@ -0,0 +1,7 @@
+[media-src-7_3_2.sub.html]
+  expected: TIMEOUT
+  [Disallowed track element onerror handler fires.]
+    expected: FAIL
+
+  [Test that securitypolicyviolation events are fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini
new file mode 100644
index 00000000000..111d0147dce
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini
@@ -0,0 +1,12 @@
+[media-src-blocked.sub.html]
+  [Disallowed async video src]
+    expected: FAIL
+
+  [Disallowed async video source element]
+    expected: FAIL
+
+  [Disallowed audio src]
+    expected: FAIL
+
+  [Disallowed audio source element]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/meta/combine-header-and-meta-policies.sub.html.ini b/tests/wpt/meta/content-security-policy/meta/combine-header-and-meta-policies.sub.html.ini
new file mode 100644
index 00000000000..e91dd2236b8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/meta/combine-header-and-meta-policies.sub.html.ini
@@ -0,0 +1,3 @@
+[combine-header-and-meta-policies.sub.html]
+  [Expecting logs: ["TEST COMPLETE", "violated-directive=img-src", "violated-directive=style-src-elem"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/meta/meta-img-src.html.ini b/tests/wpt/meta/content-security-policy/meta/meta-img-src.html.ini
new file mode 100644
index 00000000000..7b9a7ae2247
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/meta/meta-img-src.html.ini
@@ -0,0 +1,3 @@
+[meta-img-src.html]
+  [Expecting logs: ["PASS","TEST COMPLETE"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/meta/meta-modified.html.ini b/tests/wpt/meta/content-security-policy/meta/meta-modified.html.ini
new file mode 100644
index 00000000000..a85cc0cab6b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/meta/meta-modified.html.ini
@@ -0,0 +1,3 @@
+[meta-modified.html]
+  [Expecting logs: ["PASS", "PASS","TEST COMPLETE"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/meta/sandbox-iframe.html.ini b/tests/wpt/meta/content-security-policy/meta/sandbox-iframe.html.ini
new file mode 100644
index 00000000000..60605889895
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/meta/sandbox-iframe.html.ini
@@ -0,0 +1,4 @@
+[sandbox-iframe.html]
+  expected: TIMEOUT
+  [img-src 'self' works when specified in a meta tag.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/navigation/javascript-url-navigation-evaluated-to-string-inherits-csp.html.ini b/tests/wpt/meta/content-security-policy/navigation/javascript-url-navigation-evaluated-to-string-inherits-csp.html.ini
new file mode 100644
index 00000000000..ab1ff9392a4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/navigation/javascript-url-navigation-evaluated-to-string-inherits-csp.html.ini
@@ -0,0 +1,3 @@
+[javascript-url-navigation-evaluated-to-string-inherits-csp.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-check-csp-order.html.ini b/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-check-csp-order.html.ini
new file mode 100644
index 00000000000..adba5ecd2f0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-check-csp-order.html.ini
@@ -0,0 +1,22 @@
+[to-javascript-parent-initiated-check-csp-order.html]
+  expected: TIMEOUT
+  [Executing the javascript URL should violate the parent's CSP for\n          iframe.contentWindow.location.href]
+    expected: TIMEOUT
+
+  [Executing the javascript URL should violate the parent's CSP for\n          iframe.src]
+    expected: NOTRUN
+
+  [Executing the javascript URL should violate the parent's CSP for\n          a[target=iframeWithScriptSrcNone\].href]
+    expected: NOTRUN
+
+  [Executing the javascript URL should violate the parent's CSP for\n          a[target=otherTabWithScriptSrcNone\].href]
+    expected: NOTRUN
+
+  [Executing the javascript URL should violate the parent's CSP for\n          area[target=iframeWithScriptScrcNone\].href]
+    expected: NOTRUN
+
+  [Executing the javascript URL should violate the parent's CSP for\n          area[target=otherTabWithScriptSrcNone\].href]
+    expected: NOTRUN
+
+  [Executing the javascript URL should violate the parent's CSP for\n          otherTabWithScriptSrcNone.location.href]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini b/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini
new file mode 100644
index 00000000000..e09851b2685
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini
@@ -0,0 +1,19 @@
+[to-javascript-parent-initiated-child-csp.html]
+  expected: TIMEOUT
+  [Should not have executed the javascript URL for\n        iframe.contentWindow.location.href with child's CSP "script-src 'none'"]
+    expected: TIMEOUT
+
+  [Should not have executed the javascript URL for\n        iframe.src with child's CSP "script-src 'none'"]
+    expected: NOTRUN
+
+  [Should not have executed the javascript URL for\n        otherTabWithScriptSrcNone.location.href with child's CSP "script-src 'none'"]
+    expected: NOTRUN
+
+  [Should not have executed the javascript URL for\n        a[target=iframeWithScriptSrcNone\].href with child's CSP "script-src 'none'"]
+    expected: NOTRUN
+
+  [Should not have executed the javascript URL for\n        area[target=iframeWithScriptSrcNone\].href with child's CSP "script-src 'none'"]
+    expected: NOTRUN
+
+  [Should not have executed the javascript URL for\n        area[target=otherTabWithScriptSrcNone\].href with child's CSP "script-src 'none'"]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini b/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini
new file mode 100644
index 00000000000..bf7d79650ae
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini
@@ -0,0 +1,22 @@
+[to-javascript-parent-initiated-parent-csp.html]
+  expected: TIMEOUT
+  [Should not have executed the javascript url for\n      iframe.contentWindow.location.href]
+    expected: FAIL
+
+  [Should not have executed the javascript url for\n      iframe.src]
+    expected: FAIL
+
+  [Should not have executed the javascript url for\n      otherTab.location.href]
+    expected: TIMEOUT
+
+  [Should not have executed the javascript url for\n      area[target=iframe\].href]
+    expected: NOTRUN
+
+  [Should not have executed the javascript url for\n      area[target=otherTab\].href]
+    expected: NOTRUN
+
+  [Should not have executed the javascript url for\n      a[target=otherTab\].href]
+    expected: NOTRUN
+
+  [Should not have executed the javascript url for\n      a[target=iframe\].href]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini b/tests/wpt/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini
new file mode 100644
index 00000000000..213ed2d4692
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini
@@ -0,0 +1,13 @@
+[to-javascript-url-script-src.html]
+  expected: TIMEOUT
+  [<iframe src='javascript:'> blocked without 'unsafe-inline'.]
+    expected: TIMEOUT
+
+  [<iframe> navigated to 'javascript:' blocked without 'unsafe-inline'.]
+    expected: NOTRUN
+
+  [<iframe src='...'> with 'unsafe-inline' navigated to 'javascript:' blocked in this document]
+    expected: NOTRUN
+
+  [<iframe src='...'> without 'unsafe-inline' navigated to 'javascript:' blocked in this document.]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/nonce-hiding/dangling-html-or-body.html.ini b/tests/wpt/meta/content-security-policy/nonce-hiding/dangling-html-or-body.html.ini
new file mode 100644
index 00000000000..47023b4596f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/nonce-hiding/dangling-html-or-body.html.ini
@@ -0,0 +1,6 @@
+[dangling-html-or-body.html]
+  [Nonces don't leak via CSS side-channels when a dangling body is injected.]
+    expected: FAIL
+
+  [Nonces don't leak via CSS side-channels when a dangling html is injected.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/nonce-hiding/nonces.html.ini b/tests/wpt/meta/content-security-policy/nonce-hiding/nonces.html.ini
new file mode 100644
index 00000000000..76f01fd8a4e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/nonce-hiding/nonces.html.ini
@@ -0,0 +1,42 @@
+[nonces.html]
+  [Basic nonce tests for meh in HTML namespace]
+    expected: FAIL
+
+  [Basic nonce tests for div in HTML namespace]
+    expected: FAIL
+
+  [Basic nonce tests for script in HTML namespace]
+    expected: FAIL
+
+  [Basic nonce tests for meh in SVG namespace]
+    expected: FAIL
+
+  [Ensure that removal of content attribute does not affect IDL attribute for meh in SVG namespace]
+    expected: FAIL
+
+  [Test empty nonces for meh in SVG namespace]
+    expected: FAIL
+
+  [Basic nonce tests for svg in SVG namespace]
+    expected: FAIL
+
+  [Ensure that removal of content attribute does not affect IDL attribute for svg in SVG namespace]
+    expected: FAIL
+
+  [Test empty nonces for svg in SVG namespace]
+    expected: FAIL
+
+  [Basic nonce tests for script in SVG namespace]
+    expected: FAIL
+
+  [Ensure that removal of content attribute does not affect IDL attribute for script in SVG namespace]
+    expected: FAIL
+
+  [Test empty nonces for script in SVG namespace]
+    expected: FAIL
+
+  [Basic nonce tests for style in HTML namespace]
+    expected: FAIL
+
+  [Basic nonce tests for link in HTML namespace]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/nonce-hiding/script-nonces-hidden-meta.sub.html.ini b/tests/wpt/meta/content-security-policy/nonce-hiding/script-nonces-hidden-meta.sub.html.ini
new file mode 100644
index 00000000000..7268cf08bda
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/nonce-hiding/script-nonces-hidden-meta.sub.html.ini
@@ -0,0 +1,6 @@
+[script-nonces-hidden-meta.sub.html]
+  [Writing 'nonce' IDL attribute.]
+    expected: FAIL
+
+  [createElement.nonce.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/nonce-hiding/script-nonces-hidden.html.ini b/tests/wpt/meta/content-security-policy/nonce-hiding/script-nonces-hidden.html.ini
new file mode 100644
index 00000000000..8b687e4ecfb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/nonce-hiding/script-nonces-hidden.html.ini
@@ -0,0 +1,30 @@
+[script-nonces-hidden.html]
+  [Reading 'nonce' content attribute and IDL attribute.]
+    expected: FAIL
+
+  [Cloned node retains nonce.]
+    expected: FAIL
+
+  [Cloned node retains nonce when inserted.]
+    expected: FAIL
+
+  [Writing 'nonce' IDL attribute.]
+    expected: FAIL
+
+  [Document-written script's nonce value.]
+    expected: FAIL
+
+  [createElement.nonce.]
+    expected: FAIL
+
+  [setAttribute('nonce') overwrites '.nonce' upon insertion.]
+    expected: FAIL
+
+  [createElement.setAttribute.]
+    expected: FAIL
+
+  [Custom elements expose the correct events.]
+    expected: FAIL
+
+  [Nonces don't leak via CSS side-channels.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden-meta.sub.html.ini b/tests/wpt/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden-meta.sub.html.ini
new file mode 100644
index 00000000000..243e95a6943
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden-meta.sub.html.ini
@@ -0,0 +1,19 @@
+[svgscript-nonces-hidden-meta.sub.html]
+  expected: TIMEOUT
+  [Reading 'nonce' content attribute and IDL attribute.]
+    expected: FAIL
+
+  [Cloned node retains nonce.]
+    expected: FAIL
+
+  [Cloned node retains nonce when inserted.]
+    expected: FAIL
+
+  [Writing 'nonce' content attribute.]
+    expected: FAIL
+
+  [Document-written script executes.]
+    expected: NOTRUN
+
+  [createElement.nonce.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini b/tests/wpt/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini
new file mode 100644
index 00000000000..ba5e820a18e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini
@@ -0,0 +1,22 @@
+[svgscript-nonces-hidden.html]
+  expected: TIMEOUT
+  [Reading 'nonce' content attribute and IDL attribute.]
+    expected: FAIL
+
+  [Cloned node retains nonce.]
+    expected: FAIL
+
+  [Cloned node retains nonce when inserted.]
+    expected: FAIL
+
+  [Writing 'nonce' content attribute.]
+    expected: FAIL
+
+  [Document-written script executes.]
+    expected: NOTRUN
+
+  [createElement.nonce.]
+    expected: FAIL
+
+  [createElement.setAttribute.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini b/tests/wpt/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini
new file mode 100644
index 00000000000..a0e1c56214a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini
@@ -0,0 +1,4 @@
+[object-src-no-url-blocked.html]
+  expected: TIMEOUT
+  [Should block the object and fire a spv]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/object-src/object-src-url-blocked.html.ini b/tests/wpt/meta/content-security-policy/object-src/object-src-url-blocked.html.ini
new file mode 100644
index 00000000000..c6642793ea3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/object-src/object-src-url-blocked.html.ini
@@ -0,0 +1,4 @@
+[object-src-url-blocked.html]
+  expected: TIMEOUT
+  [Should block the object and fire a spv]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini b/tests/wpt/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini
new file mode 100644
index 00000000000..243bbcce03b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini
@@ -0,0 +1,4 @@
+[object-src-url-embed-blocked.html]
+  expected: TIMEOUT
+  [Should block the object and fire a spv]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini
new file mode 100644
index 00000000000..1058fc1856e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[object-src-url-redirect-blocked.sub.html]
+  expected: TIMEOUT
+  [Should block the object and fire a spv]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/parsing/invalid-directive.html.ini b/tests/wpt/meta/content-security-policy/parsing/invalid-directive.html.ini
new file mode 100644
index 00000000000..5044852bdc4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/parsing/invalid-directive.html.ini
@@ -0,0 +1,3 @@
+[invalid-directive.html]
+  [Even if an unknown directive is specified, img-src is honored.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/report-hash/default-src.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/default-src.https.window.js.ini
new file mode 100644
index 00000000000..97015c0d985
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/default-src.https.window.js.ini
@@ -0,0 +1,2 @@
+[default-src.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/multiple-policies.https.sub.html.ini b/tests/wpt/meta/content-security-policy/report-hash/multiple-policies.https.sub.html.ini
new file mode 100644
index 00000000000..8c85b90e8f9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/multiple-policies.https.sub.html.ini
@@ -0,0 +1,2 @@
+[multiple-policies.https.sub.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/reportonly-default-src.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/reportonly-default-src.https.window.js.ini
new file mode 100644
index 00000000000..d8d4cb11a7e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/reportonly-default-src.https.window.js.ini
@@ -0,0 +1,2 @@
+[reportonly-default-src.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src-elem.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src-elem.https.window.js.ini
new file mode 100644
index 00000000000..153531bb6c0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src-elem.https.window.js.ini
@@ -0,0 +1,2 @@
+[reportonly-script-src-elem.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src-none.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src-none.https.window.js.ini
new file mode 100644
index 00000000000..e66c84f5425
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src-none.https.window.js.ini
@@ -0,0 +1,2 @@
+[reportonly-script-src-none.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src.https.window.js.ini
new file mode 100644
index 00000000000..40a3040ab2b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/reportonly-script-src.https.window.js.ini
@@ -0,0 +1,2 @@
+[reportonly-script-src.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/script-src-elem.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/script-src-elem.https.window.js.ini
new file mode 100644
index 00000000000..449223773b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/script-src-elem.https.window.js.ini
@@ -0,0 +1,2 @@
+[script-src-elem.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/script-src-sha512.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/script-src-sha512.https.window.js.ini
new file mode 100644
index 00000000000..b03172ffbd4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/script-src-sha512.https.window.js.ini
@@ -0,0 +1,2 @@
+[script-src-sha512.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/report-hash/script-src.https.window.js.ini b/tests/wpt/meta/content-security-policy/report-hash/script-src.https.window.js.ini
new file mode 100644
index 00000000000..f9e1ac1f9c0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/report-hash/script-src.https.window.js.ini
@@ -0,0 +1,2 @@
+[script-src.https.window.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini
new file mode 100644
index 00000000000..b49405b5ff0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini
@@ -0,0 +1,13 @@
+[report-to-directive-allowed-in-meta.https.sub.html]
+  expected: TIMEOUT
+  [Test that image does not load]
+    expected: NOTRUN
+
+  [Event is fired]
+    expected: TIMEOUT
+
+  [Report is observable to ReportingObserver]
+    expected: FAIL
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini
new file mode 100644
index 00000000000..215ef61c88a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini
@@ -0,0 +1,7 @@
+[reporting-api-report-only-sends-reports-on-violation.https.sub.html]
+  expected: TIMEOUT
+  [Event is fired]
+    expected: TIMEOUT
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini
new file mode 100644
index 00000000000..6b41e87865a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini
@@ -0,0 +1,7 @@
+[reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html]
+  expected: TIMEOUT
+  [Test that image does not load]
+    expected: NOTRUN
+
+  [Event is fired]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini
new file mode 100644
index 00000000000..124806f97b8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini
@@ -0,0 +1,7 @@
+[reporting-api-report-to-overrides-report-uri-1.https.sub.html]
+  expected: TIMEOUT
+  [Test that image does not load]
+    expected: NOTRUN
+
+  [Event is fired]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini
new file mode 100644
index 00000000000..d0546ace6ac
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini
@@ -0,0 +1,7 @@
+[reporting-api-report-to-overrides-report-uri-2.https.sub.html]
+  expected: TIMEOUT
+  [Test that image does not load]
+    expected: NOTRUN
+
+  [Event is fired]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini
new file mode 100644
index 00000000000..9292dda4b2d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini
@@ -0,0 +1,13 @@
+[reporting-api-sends-reports-on-violation.https.sub.html]
+  expected: TIMEOUT
+  [Test that image does not load]
+    expected: NOTRUN
+
+  [Event is fired]
+    expected: TIMEOUT
+
+  [Report is observable to ReportingObserver]
+    expected: FAIL
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini
new file mode 100644
index 00000000000..a99307cc850
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini
@@ -0,0 +1,3 @@
+[reporting-api-works-on-frame-ancestors.https.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini
new file mode 100644
index 00000000000..40ed15766c9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini
@@ -0,0 +1,7 @@
+[reporting-api-works-on-frame-src.https.sub.html]
+  expected: TIMEOUT
+  [Event is fired]
+    expected: TIMEOUT
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/multiple-report-policies.html.ini b/tests/wpt/meta/content-security-policy/reporting/multiple-report-policies.html.ini
new file mode 100644
index 00000000000..b691cd78d4f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/multiple-report-policies.html.ini
@@ -0,0 +1,6 @@
+[multiple-report-policies.html]
+  [2-Violation report status OK]
+    expected: FAIL
+
+  [1-Violation report status OK]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini b/tests/wpt/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini
new file mode 100644
index 00000000000..0623ac8d003
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini
@@ -0,0 +1,13 @@
+[post-redirect-stacktrace.https.html]
+  expected: ERROR
+  [StackTrace do not leak cross-origin post-redirect URL]
+    expected: FAIL
+
+  [StackTrace do not leak cross-site post-redirect URL]
+    expected: FAIL
+
+  [CSP report do not leak cross-origin post-redirect URL]
+    expected: NOTRUN
+
+  [CSP report do not leak cross-site post-redirect URL]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-and-enforce.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-and-enforce.html.ini
new file mode 100644
index 00000000000..4341d759cf3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-and-enforce.html.ini
@@ -0,0 +1,6 @@
+[report-and-enforce.html]
+  [The image should be blocked]
+    expected: FAIL
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini
new file mode 100644
index 00000000000..d8269171239
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-data-uri.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-blocked-uri-cross-origin.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-blocked-uri-cross-origin.sub.html.ini
new file mode 100644
index 00000000000..e70dcdeca70
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-blocked-uri-cross-origin.sub.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-uri-cross-origin.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-blocked-uri.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-blocked-uri.html.ini
new file mode 100644
index 00000000000..2275d16dae2
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-blocked-uri.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-uri.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini
new file mode 100644
index 00000000000..783a58399e0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-clips-sample.https.html.ini
@@ -0,0 +1,21 @@
+[report-clips-sample.https.html]
+  [Unsafe eval violation sample is clipped to 40 characters.]
+    expected: FAIL
+
+  [Unsafe indirect eval violation sample is clipped to 40 characters.]
+    expected: FAIL
+
+  [Function constructor - the other kind of eval - is clipped.]
+    expected: FAIL
+
+  [Async Function constructor is also clipped.]
+    expected: FAIL
+
+  [Generator Function constructor is also clipped.]
+    expected: FAIL
+
+  [AsyncGenerator Function constructor is also clipped.]
+    expected: FAIL
+
+  [Trusted Types violation sample is clipped to 40 characters excluded the sink name.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini
new file mode 100644
index 00000000000..c7665aab918
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini
@@ -0,0 +1,3 @@
+[report-cross-origin-no-cookies.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors-no-parent-cookies.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors-no-parent-cookies.sub.html.ini
new file mode 100644
index 00000000000..98c1f8c14cb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors-no-parent-cookies.sub.html.ini
@@ -0,0 +1,3 @@
+[report-frame-ancestors-no-parent-cookies.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini
new file mode 100644
index 00000000000..82711cce67b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini
@@ -0,0 +1,3 @@
+[report-frame-ancestors-with-x-frame-options.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini
new file mode 100644
index 00000000000..24f5c02ceda
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini
@@ -0,0 +1,3 @@
+[report-frame-ancestors.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-multiple-violations-01.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-multiple-violations-01.html.ini
new file mode 100644
index 00000000000..5b221057d2f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-multiple-violations-01.html.ini
@@ -0,0 +1,6 @@
+[report-multiple-violations-01.html]
+  [Violation report status OK.]
+    expected: FAIL
+
+  [Test number of sent reports.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini
new file mode 100644
index 00000000000..9934866aef7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini
@@ -0,0 +1,6 @@
+[report-multiple-violations-02.html]
+  [Violation report status OK.]
+    expected: FAIL
+
+  [Test number of sent reports.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-only-cross-origin-frame.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-only-cross-origin-frame.sub.html.ini
new file mode 100644
index 00000000000..d005975d3bb
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-only-cross-origin-frame.sub.html.ini
@@ -0,0 +1,7 @@
+[report-only-cross-origin-frame.sub.html]
+  expected: TIMEOUT
+  [The securitypolicyviolation is triggered.]
+    expected: NOTRUN
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini
new file mode 100644
index 00000000000..0c3690b9bec
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini
@@ -0,0 +1,6 @@
+[report-only-unsafe-eval.html]
+  [SPV event is still raised]
+    expected: FAIL
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini
new file mode 100644
index 00000000000..92366249526
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini
@@ -0,0 +1,3 @@
+[report-original-url-on-mixed-content-frame.https.sub.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-original-url.sub.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-original-url.sub.html.ini
new file mode 100644
index 00000000000..9d64a7e6bc4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-original-url.sub.html.ini
@@ -0,0 +1,16 @@
+[report-original-url.sub.html]
+  expected: TIMEOUT
+  [Direct block, same-origin = full URL in report]
+    expected: TIMEOUT
+
+  [Direct block, cross-origin = full URL in report]
+    expected: TIMEOUT
+
+  [Block after redirect, same-origin = original URL in report]
+    expected: TIMEOUT
+
+  [Block after redirect, cross-origin = original URL in report]
+    expected: TIMEOUT
+
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini
new file mode 100644
index 00000000000..2d09ea340b3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini
@@ -0,0 +1,4 @@
+[report-preload-and-consume.https.html]
+  expected: TIMEOUT
+  [Reporting endpoints received credentials.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini
new file mode 100644
index 00000000000..7bcf1b8cc61
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini
@@ -0,0 +1,9 @@
+[report-same-origin-with-cookies.html]
+  [Image should not load]
+    expected: FAIL
+
+  [Violation report status OK.]
+    expected: FAIL
+
+  [Test report cookies.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-strips-fragment.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-strips-fragment.html.ini
new file mode 100644
index 00000000000..1aab8623c95
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-strips-fragment.html.ini
@@ -0,0 +1,4 @@
+[report-strips-fragment.html]
+  expected: TIMEOUT
+  [Reported document URI does not contain fragments.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini
new file mode 100644
index 00000000000..1571539a4e4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini
@@ -0,0 +1,3 @@
+[report-uri-effective-directive.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini
new file mode 100644
index 00000000000..4112d8054e5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini
@@ -0,0 +1,3 @@
+[report-uri-from-child-frame.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini
new file mode 100644
index 00000000000..a37311b0d13
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini
@@ -0,0 +1,3 @@
+[report-uri-from-inline-javascript.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini
new file mode 100644
index 00000000000..92daa7fe26d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini
@@ -0,0 +1,3 @@
+[report-uri-from-javascript.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini
new file mode 100644
index 00000000000..1edf44b5887
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini
@@ -0,0 +1,3 @@
+[report-uri-multiple-reversed.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-multiple.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-multiple.html.ini
new file mode 100644
index 00000000000..1ea240219fa
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-multiple.html.ini
@@ -0,0 +1,3 @@
+[report-uri-multiple.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini b/tests/wpt/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini
new file mode 100644
index 00000000000..6a803717b04
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini
@@ -0,0 +1,3 @@
+[report-uri-scheme-relative.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini
new file mode 100644
index 00000000000..816cd785fe7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini
@@ -0,0 +1,10 @@
+[prefetch-allowed-by-any-directive.sub.html]
+  expected: TIMEOUT
+  [Prefetch should succeed when restricted by default-src but allowed by other directive]
+    expected: TIMEOUT
+
+  [Prefetch should fail when restricted by default-src and different origin allowed by other directive]
+    expected: NOTRUN
+
+  [Prefetch should succeed when restricted by default-src but origin allowed by other directive]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-by-default.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-by-default.html.ini
new file mode 100644
index 00000000000..8d5f47089a3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-by-default.html.ini
@@ -0,0 +1,4 @@
+[prefetch-allowed-by-default.html]
+  expected: TIMEOUT
+  [Prefetch should succeed when allowed by default-src]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-no-default.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-no-default.html.ini
new file mode 100644
index 00000000000..328cb2551c4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-no-default.html.ini
@@ -0,0 +1,4 @@
+[prefetch-allowed-no-default.html]
+  expected: TIMEOUT
+  [Prefetch should succeed when there is no default-src]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini
new file mode 100644
index 00000000000..0919ef94aa5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini
@@ -0,0 +1,4 @@
+[prefetch-allowed-with-conflicting-permissive-policies.html]
+  expected: TIMEOUT
+  [Prefetch should succeed when a directive in a policy is permissive, even if a subsequent policy overrides that.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini
new file mode 100644
index 00000000000..f795f8c5d4b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini
@@ -0,0 +1,4 @@
+[prefetch-blocked-by-default-multiple-policies.html]
+  expected: TIMEOUT
+  [Prefetch should fail when restricted by default-src]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini
new file mode 100644
index 00000000000..3ee2b910a58
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini
@@ -0,0 +1,4 @@
+[prefetch-blocked-by-default.html]
+  expected: TIMEOUT
+  [Prefetch should fail when restricted by default-src]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini
new file mode 100644
index 00000000000..7843cf2984c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini
@@ -0,0 +1,79 @@
+[prefetch-generate-directives.html]
+  expected: TIMEOUT
+  [Test that script-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that script-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that img-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that img-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that connect-src enabled with everything else disabled allows prefetching]
+    expected: TIMEOUT
+
+  [Test that connect-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that object-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that object-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that font-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that font-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that manifest-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that manifest-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that media-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that media-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that style-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that style-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that child-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that child-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that frame-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that frame-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that worker-src enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that worker-src enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that base-uri enabled with everything else disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that base-uri enabled with default-src disabled allows prefetching]
+    expected: NOTRUN
+
+  [Test that permissive script-src-elem supersedes script-src]
+    expected: NOTRUN
+
+  [Test that permissive script-src supersedes script-src-elem]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini
new file mode 100644
index 00000000000..30e8ff98e77
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini
@@ -0,0 +1,4 @@
+[prefetch-ignores-prefetch-src.sub.html]
+  expected: TIMEOUT
+  [Prefetch should fail when restricted by default-src and allowed by unsupported prefetch-src directive (prefetch-src should be ignored)]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/resource-hints/prefetch-no-csp.html.ini b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-no-csp.html.ini
new file mode 100644
index 00000000000..414e4ff720e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/resource-hints/prefetch-no-csp.html.ini
@@ -0,0 +1,4 @@
+[prefetch-no-csp.html]
+  expected: TIMEOUT
+  [Prefetch succeeds when no CSP]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini b/tests/wpt/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini
new file mode 100644
index 00000000000..f8d402376f5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini
@@ -0,0 +1,3 @@
+[sandbox-empty-subframe.sub.html]
+  [Expecting logs: ["PASS2"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini b/tests/wpt/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini
new file mode 100644
index 00000000000..295b4b39ba3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini
@@ -0,0 +1,21 @@
+[service-worker-sandbox.https.html]
+  [global setup]
+    expected: FAIL
+
+  [Origin of service worker]
+    expected: FAIL
+
+  [Response generated by service worker can be fetched as same-origin]
+    expected: FAIL
+
+  [Origin used in fetch on service worker (mode: same-origin, with ACAOrigin)]
+    expected: FAIL
+
+  [Origin used in fetch on service worker (mode: same-origin)]
+    expected: FAIL
+
+  [Origin used in fetch on service worker (mode: cors, with ACAOrigin)]
+    expected: FAIL
+
+  [Origin used in fetch on service worker (mode: cors)]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini b/tests/wpt/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini
new file mode 100644
index 00000000000..c0387673a23
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-sandbox.html]
+  [sandbox directive for SharedWorker]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini b/tests/wpt/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini
new file mode 100644
index 00000000000..d85981340d8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini
@@ -0,0 +1,3 @@
+[window-reuse-unsandboxed.html]
+  [Window object should be reused]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-attr-blocked-src-allowed.html.ini b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-attr-blocked-src-allowed.html.ini
new file mode 100644
index 00000000000..7d63c9c4aa8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-attr-blocked-src-allowed.html.ini
@@ -0,0 +1,4 @@
+[script-src-attr-blocked-src-allowed.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-allowed-attr-blocked.html.ini b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-allowed-attr-blocked.html.ini
new file mode 100644
index 00000000000..26cdda4bcb0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-allowed-attr-blocked.html.ini
@@ -0,0 +1,4 @@
+[script-src-elem-allowed-attr-blocked.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation for the attribute]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-blocked-attr-allowed.html.ini b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-blocked-attr-allowed.html.ini
new file mode 100644
index 00000000000..dbcc0e32fea
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-blocked-attr-allowed.html.ini
@@ -0,0 +1,4 @@
+[script-src-elem-blocked-attr-allowed.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation for the attribute]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-blocked-src-allowed.html.ini b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-blocked-src-allowed.html.ini
new file mode 100644
index 00000000000..2b588c54a1b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src-attr-elem/script-src-elem-blocked-src-allowed.html.ini
@@ -0,0 +1,4 @@
+[script-src-elem-blocked-src-allowed.html]
+  expected: TIMEOUT
+  [Should fire a spv event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src-attr-elem/strict-dynamic-elem-blocked-src-allowed.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src-attr-elem/strict-dynamic-elem-blocked-src-allowed.sub.html.ini
new file mode 100644
index 00000000000..cd0c153e461
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src-attr-elem/strict-dynamic-elem-blocked-src-allowed.sub.html.ini
@@ -0,0 +1,4 @@
+[strict-dynamic-elem-blocked-src-allowed.sub.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/eval-allowed-in-report-only-mode-and-sends-report.html.ini b/tests/wpt/meta/content-security-policy/script-src/eval-allowed-in-report-only-mode-and-sends-report.html.ini
new file mode 100644
index 00000000000..e0ac35d5d2d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/eval-allowed-in-report-only-mode-and-sends-report.html.ini
@@ -0,0 +1,3 @@
+[eval-allowed-in-report-only-mode-and-sends-report.html]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/injected-inline-script-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/injected-inline-script-blocked.sub.html.ini
new file mode 100644
index 00000000000..a238a868a00
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/injected-inline-script-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[injected-inline-script-blocked.sub.html]
+  [Expecting logs: ["violated-directive=script-src-elem","blocked-uri=inline"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini b/tests/wpt/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini
new file mode 100644
index 00000000000..125b4088132
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini
@@ -0,0 +1,4 @@
+[javascript-window-open-blocked.html]
+  expected: TIMEOUT
+  [Check that a securitypolicyviolation event is fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/nonce-enforce-blocked.html.ini b/tests/wpt/meta/content-security-policy/script-src/nonce-enforce-blocked.html.ini
new file mode 100644
index 00000000000..f6f7521b516
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/nonce-enforce-blocked.html.ini
@@ -0,0 +1,3 @@
+[nonce-enforce-blocked.html]
+  [Unnonced scripts generate reports.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-1_1.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-1_1.html.ini
new file mode 100644
index 00000000000..539ba1d3fe6
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-1_1.html.ini
@@ -0,0 +1,7 @@
+[script-src-1_1.html]
+  expected: TIMEOUT
+  [Inline event handler]
+    expected: FAIL
+
+  [Should fire policy violation events]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-1_10.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-1_10.html.ini
new file mode 100644
index 00000000000..cc343c33362
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-1_10.html.ini
@@ -0,0 +1,4 @@
+[script-src-1_10.html]
+  expected: TIMEOUT
+  [Test that securitypolicyviolation event is fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-1_2.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-1_2.html.ini
new file mode 100644
index 00000000000..3b78af2b156
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-1_2.html.ini
@@ -0,0 +1,7 @@
+[script-src-1_2.html]
+  expected: TIMEOUT
+  [Inline event handler]
+    expected: FAIL
+
+  [Should fire policy violation events]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-1_2_1.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-1_2_1.html.ini
new file mode 100644
index 00000000000..b67e9008738
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-1_2_1.html.ini
@@ -0,0 +1,4 @@
+[script-src-1_2_1.html]
+  expected: TIMEOUT
+  [Test that securitypolicyviolation event is fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-external-hash-policy.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-external-hash-policy.html.ini
new file mode 100644
index 00000000000..96eac5af576
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-external-hash-policy.html.ini
@@ -0,0 +1,7 @@
+[script-src-report-only-policy-works-with-external-hash-policy.html]
+  expected: TIMEOUT
+  [Should fire securitypolicyviolation event]
+    expected: NOTRUN
+
+  [External script in a script tag with matching SRI hash should run.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini
new file mode 100644
index 00000000000..31bfeae4a12
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini
@@ -0,0 +1,4 @@
+[script-src-report-only-policy-works-with-hash-policy.html]
+  expected: TIMEOUT
+  [Test that the securitypolicyviolation event is fired]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-sri_hash.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-sri_hash.sub.html.ini
new file mode 100644
index 00000000000..7ce862f5a16
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-sri_hash.sub.html.ini
@@ -0,0 +1,9 @@
+[script-src-sri_hash.sub.html]
+  [multiple matching integrity]
+    expected: FAIL
+
+  [partially matching integrity]
+    expected: FAIL
+
+  [External script in a script tag with matching SRI hash should run.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini
new file mode 100644
index 00000000000..63cfa444854
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_discard_source_expressions.html]
+  [Allowed scripts without a correct nonce are not permitted with `strict-dynamic`.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini
new file mode 100644
index 00000000000..64a53f8c449
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini
@@ -0,0 +1,4 @@
+[script-src-strict_dynamic_double_policy_different_nonce.html]
+  expected: TIMEOUT
+  [Unnonced script injected via `appendChild` is not allowed with `strict-dynamic` + a nonce-only double policy.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini
new file mode 100644
index 00000000000..6a8346f0e25
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini
@@ -0,0 +1,4 @@
+[script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html]
+  expected: TIMEOUT
+  [Non-allowed script injected via `appendChild` is not permitted with `strict-dynamic` + a nonce+allowed double policy.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini
new file mode 100644
index 00000000000..b16c3876c44
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini
@@ -0,0 +1,4 @@
+[script-src-strict_dynamic_javascript_uri.html]
+  expected: TIMEOUT
+  [Script injected via `javascript:` URIs are not allowed with `strict-dynamic`.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini
new file mode 100644
index 00000000000..eaee0eea6e0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini
@@ -0,0 +1,7 @@
+[script-src-strict_dynamic_meta_tag.html]
+  expected: TIMEOUT
+  [Script injected via `appendChild` populated via `textContent` is allowed with `strict-dynamic`.]
+    expected: TIMEOUT
+
+  [Script injected via `appendChild` populated via `textContent` is allowed with `strict-dynamic`, even if it carries an incorrect nonce.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini
new file mode 100644
index 00000000000..f25fbbe74d1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini
@@ -0,0 +1,7 @@
+[script-src-strict_dynamic_non_parser_inserted.html]
+  expected: TIMEOUT
+  [Script injected via `appendChild` populated via `textContent` is allowed with `strict-dynamic`.]
+    expected: TIMEOUT
+
+  [Script injected via `appendChild` populated via `textContent` is allowed with `strict-dynamic`, even if it carries an incorrect nonce.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini
new file mode 100644
index 00000000000..95e07a69fd6
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini
@@ -0,0 +1,4 @@
+[script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html]
+  expected: TIMEOUT
+  [All the expected CSP violation reports have been fired.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini
new file mode 100644
index 00000000000..44bc930f887
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini
@@ -0,0 +1,31 @@
+[script-src-strict_dynamic_parser_inserted.html]
+  expected: TIMEOUT
+  [Parser-inserted script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted deferred script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted deferred script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted async script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted async script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted deferred async script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: FAIL
+
+  [Parser-inserted deferred async script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
+    expected: TIMEOUT
+
+  [Script injected via `innerHTML` is not allowed with `strict-dynamic`.]
+    expected: TIMEOUT
+
+  [Script injected via `insertAdjacentHTML` is not allowed with `strict-dynamic`.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini
new file mode 100644
index 00000000000..6015fecfd69
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini
@@ -0,0 +1,7 @@
+[script-src-strict_dynamic_worker.https.html]
+  expected: TIMEOUT
+  [Shared worker is allowed via 'strict-dynamic']
+    expected: FAIL
+
+  [Service worker is allowed via 'strict-dynamic']
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/script-src-trusted_types_eval_with_require_trusted_types_eval.html.ini b/tests/wpt/meta/content-security-policy/script-src/script-src-trusted_types_eval_with_require_trusted_types_eval.html.ini
new file mode 100644
index 00000000000..63f89f3c8fd
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/script-src-trusted_types_eval_with_require_trusted_types_eval.html.ini
@@ -0,0 +1,13 @@
+[script-src-trusted_types_eval_with_require_trusted_types_eval.html]
+  expected: ERROR
+  [Script injected via direct `eval` is allowed with `trusted-types-eval` and `require-trusted-types-for 'script'`.]
+    expected: FAIL
+
+  [Script injected via indirect `eval` is allowed with `trusted-types-eval` and `require-trusted-types-for 'script'`.]
+    expected: FAIL
+
+  [Script injected via `new Function` is allowed with `trusted-types-eval` and `require-trusted-types-for 'script'`.]
+    expected: FAIL
+
+  [Script injected via `setTimeout` is allowed with `trusted-types-eval` and `require-trusted-types-for 'script'`.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini
new file mode 100644
index 00000000000..19b7395760a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-case-insensitive.sub.html]
+  [Expecting alerts: ["PASS (1/6)","PASS (2/6)","PASS (3/6)","PASS (4/6)","PASS (5/6)","PASS (6/6)"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini
new file mode 100644
index 00000000000..9884e4545fd
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini
@@ -0,0 +1,4 @@
+[scripthash-unicode-normalization.sub.html]
+  expected: TIMEOUT
+  [Should fire securitypolicyviolation]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini
new file mode 100644
index 00000000000..ebb9846200d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini
@@ -0,0 +1,4 @@
+[scriptnonce-and-scripthash.sub.html]
+  expected: TIMEOUT
+  [Expecting alerts: ["PASS (1/3)","PASS (2/3)","PASS (3/3)"\]]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini
new file mode 100644
index 00000000000..dc8de328080
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-basic-blocked.sub.html]
+  [Expecting alerts: ["PASS (closely-quoted nonce)","PASS (nonce w/whitespace)", "violated-directive=script-src-elem", "violated-directive=script-src-elem", "violated-directive=script-src-elem"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini
new file mode 100644
index 00000000000..a002d68b3a0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini
@@ -0,0 +1,4 @@
+[scriptnonce-ignore-unsafeinline.sub.html]
+  expected: TIMEOUT
+  [Expecting alerts: ["PASS (1/2)","PASS (2/2)", "violated-directive=script-src-elem"\]]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini
new file mode 100644
index 00000000000..d7dfbd73af7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini
@@ -0,0 +1,3 @@
+[srcdoc-doesnt-bypass-script-src.sub.html]
+  [Expecting logs: ["violated-directive=script-src-elem"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/worker-data-set-timeout.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/worker-data-set-timeout.sub.html.ini
new file mode 100644
index 00000000000..82516e33560
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/worker-data-set-timeout.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-data-set-timeout.sub.html]
+  [Shared worker with data: url inherits CSP]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini
new file mode 100644
index 00000000000..d9edf485e4a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-eval-blocked.sub.html]
+  [Expecting logs: ["eval blocked"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini
new file mode 100644
index 00000000000..95343a8cd4c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-function-function-blocked.sub.html]
+  [Expecting logs: ["Function() function blocked"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini
new file mode 100644
index 00000000000..cc36e7c5326
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini
@@ -0,0 +1,6 @@
+[worker-importscripts.sub.html]
+  [Dedicated worker delivers its own CSP]
+    expected: FAIL
+
+  [Shared worker delivers its own CSP]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini b/tests/wpt/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini
new file mode 100644
index 00000000000..e9b5a17d05e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini
@@ -0,0 +1,6 @@
+[worker-set-timeout.sub.html]
+  [Dedicated worker delivers its own CSP]
+    expected: FAIL
+
+  [Shared worker delivers its own CSP]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-attr-blocked-src-allowed.html.ini b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-attr-blocked-src-allowed.html.ini
new file mode 100644
index 00000000000..a5cf5faf238
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-attr-blocked-src-allowed.html.ini
@@ -0,0 +1,7 @@
+[style-src-attr-blocked-src-allowed.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation event]
+    expected: NOTRUN
+
+  [The attribute style should not be applied]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-allowed-attr-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-allowed-attr-blocked.html.ini
new file mode 100644
index 00000000000..979fc151f38
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-allowed-attr-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-elem-allowed-attr-blocked.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation for the attribute]
+    expected: NOTRUN
+
+  [The attribute style should not be applied and the inline style should be applied]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini
new file mode 100644
index 00000000000..c67fec5245c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini
@@ -0,0 +1,7 @@
+[style-src-elem-blocked-attr-allowed.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation for the inline block]
+    expected: NOTRUN
+
+  [The inline style should not be applied and the attribute style should be applied]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini
new file mode 100644
index 00000000000..06439a8cc0a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini
@@ -0,0 +1,7 @@
+[style-src-elem-blocked-src-allowed.html]
+  expected: TIMEOUT
+  [Should fire a security policy violation event]
+    expected: NOTRUN
+
+  [The inline style should not be applied]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini
new file mode 100644
index 00000000000..b2ba54aff55
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini
@@ -0,0 +1,2 @@
+[import-style-allowed.sub.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini
new file mode 100644
index 00000000000..14e556cb044
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini
@@ -0,0 +1,2 @@
+[import-style-blocked.sub.html]
+  expected: ERROR
diff --git a/tests/wpt/meta/content-security-policy/style-src/injected-inline-style-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/injected-inline-style-blocked.sub.html.ini
new file mode 100644
index 00000000000..06132f67bfc
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/injected-inline-style-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[injected-inline-style-blocked.sub.html]
+  [Expecting logs: ["violated-directive=style-src-elem","violated-directive=style-src-elem","PASS"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini
new file mode 100644
index 00000000000..0c8111987c0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini
@@ -0,0 +1,13 @@
+[inline-style-allowed-while-cloning-objects.sub.html]
+  expected: TIMEOUT
+  [Test that violation report event was fired]
+    expected: NOTRUN
+
+  [inline-style-allowed-while-cloning-objects 12]
+    expected: FAIL
+
+  [inline-style-allowed-while-cloning-objects 14]
+    expected: FAIL
+
+  [non-HTML namespace]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini
new file mode 100644
index 00000000000..92f00acdffe
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[inline-style-attribute-blocked.sub.html]
+  [Expecting logs: ["violated-directive=style-src-attr","PASS"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini
new file mode 100644
index 00000000000..62bbd2f0e13
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini
@@ -0,0 +1,7 @@
+[inline-style-blocked.sub.html]
+  expected: TIMEOUT
+  [Triggers securitypolicyviolation.]
+    expected: TIMEOUT
+
+  [Inline style element is blocked by CSP.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-blocked.html.ini
new file mode 100644
index 00000000000..beff1f1d0a4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-blocked.html.ini
@@ -0,0 +1,4 @@
+[style-blocked.html]
+  expected: TIMEOUT
+  [Violated directive is script-src-elem.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini
new file mode 100644
index 00000000000..ea29e6e67be
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini
@@ -0,0 +1,7 @@
+[style-src-error-event-fires.html]
+  expected: TIMEOUT
+  [Test error event fires on stylesheet link]
+    expected: NOTRUN
+
+  [Test error event fires on inline style]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini
new file mode 100644
index 00000000000..a79f011aec3
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-hash-blocked.html]
+  expected: TIMEOUT
+  [Should not load style that does not match hash]
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini
new file mode 100644
index 00000000000..fba57c0f24f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini
@@ -0,0 +1,4 @@
+[style-src-imported-style-blocked.html]
+  expected: TIMEOUT
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini
new file mode 100644
index 00000000000..bb5c48df1b0
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-injected-inline-style-blocked.html]
+  expected: TIMEOUT
+  [Injected style attributes should not be applied]
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini
new file mode 100644
index 00000000000..53167e1f117
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini
@@ -0,0 +1,7 @@
+[style-src-injected-stylesheet-blocked.sub.html]
+  expected: TIMEOUT
+  [Programatically injected stylesheet should not load]
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini
new file mode 100644
index 00000000000..d910f28e56a
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-inline-style-attribute-blocked.html]
+  expected: TIMEOUT
+  [Inline style attribute should not be applied without 'unsafe-inline']
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini
new file mode 100644
index 00000000000..33ee0df35af
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-inline-style-blocked.html]
+  expected: TIMEOUT
+  [Inline style element should not load without 'unsafe-inline']
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini
new file mode 100644
index 00000000000..63a1c9b6240
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini
@@ -0,0 +1,7 @@
+[style-src-inline-style-nonce-blocked-error-event.html]
+  expected: TIMEOUT
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
+
+  [Test that paragraph remains unmodified and error events received.]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini
new file mode 100644
index 00000000000..df0fb590691
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-inline-style-nonce-blocked.html]
+  expected: TIMEOUT
+  [Should not load inline style element with invalid nonce]
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-none-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-none-blocked.html.ini
new file mode 100644
index 00000000000..93e7ffb3173
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-none-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-none-blocked.html]
+  expected: TIMEOUT
+  [Should not stylesheet when style-src is 'none']
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini b/tests/wpt/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini
new file mode 100644
index 00000000000..f29b72f8cad
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini
@@ -0,0 +1,7 @@
+[style-src-stylesheet-nonce-blocked.html]
+  expected: TIMEOUT
+  [Should not load stylesheet without correct nonce]
+    expected: FAIL
+
+  [Should fire a securitypolicyviolation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini
new file mode 100644
index 00000000000..10375077b42
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[stylehash-basic-blocked.sub.html]
+  [Expecting alerts: ["PASS: The 'p' element's text is green, which means the style was correctly applied.", "violated-directive=style-src-elem"\]]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini
new file mode 100644
index 00000000000..ae2f83c41d8
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini
@@ -0,0 +1,7 @@
+[stylenonce-allowed.sub.html]
+  expected: TIMEOUT
+  [Should fire securitypolicyviolation]
+    expected: NOTRUN
+
+  [stylenonce-allowed]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini
new file mode 100644
index 00000000000..97a86a69eea
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini
@@ -0,0 +1,7 @@
+[stylenonce-blocked.sub.html]
+  expected: TIMEOUT
+  [Should fire securitypolicyviolation]
+    expected: NOTRUN
+
+  [stylenonce-blocked]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini b/tests/wpt/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini
new file mode 100644
index 00000000000..b6620011bb9
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini
@@ -0,0 +1,4 @@
+[object-in-svg-foreignobject.sub.html]
+  expected: TIMEOUT
+  [Should throw a securitypolicyviolation]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/svg/svg-inline.sub.html.ini b/tests/wpt/meta/content-security-policy/svg/svg-inline.sub.html.ini
new file mode 100644
index 00000000000..79792113915
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/svg/svg-inline.sub.html.ini
@@ -0,0 +1,4 @@
+[svg-inline.sub.html]
+  expected: TIMEOUT
+  [Should fire violation event]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/tentative/require-sri-for/script-blocked-meta.https.html.ini b/tests/wpt/meta/content-security-policy/tentative/require-sri-for/script-blocked-meta.https.html.ini
new file mode 100644
index 00000000000..9e618be4547
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/tentative/require-sri-for/script-blocked-meta.https.html.ini
@@ -0,0 +1,4 @@
+[script-blocked-meta.https.html]
+  expected: TIMEOUT
+  [Test that meta require-sri-for blocks scripts with no SRI]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/tentative/require-sri-for/script.https.html.ini b/tests/wpt/meta/content-security-policy/tentative/require-sri-for/script.https.html.ini
new file mode 100644
index 00000000000..6139cc9c782
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/tentative/require-sri-for/script.https.html.ini
@@ -0,0 +1,9 @@
+[script.https.html]
+  [Ensure that a script without integrity did not run]
+    expected: FAIL
+
+  [Ensure that a script with unknown integrity algorithm did not run]
+    expected: FAIL
+
+  [Ensure that a no-cors script gets blocked]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html.ini
new file mode 100644
index 00000000000..4496339f476
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-href.html]
+  [javascript: navigation using <a href> should be refused due to missing unsafe-hashes]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini
new file mode 100644
index 00000000000..a3d83dd566b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html]
+  [javascript: navigation using <a href target=_blank> should be refused due to missing unsafe-hashes]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini
new file mode 100644
index 00000000000..c66badeaccc
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-href_blank.html]
+  [javascript: navigation using <a href target=_blank> should be refused due to missing unsafe-hashes]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini
new file mode 100644
index 00000000000..5d8a7e6683b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-window_location.html]
+  [Test that the javascript: src is not allowed to run]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini
new file mode 100644
index 00000000000..f9f0d0de85e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-window_open.html]
+  [Test that the javascript: src is not allowed to run]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini
new file mode 100644
index 00000000000..6f785e1732f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href.html]
+  [javascript: navigation using <a href> should be refused due to wrong hash]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini
new file mode 100644
index 00000000000..9d3c2babe20
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href_blank-script-src-elem.html]
+  [javascript: navigation using <a href target=_blank> should be refused due to wrong hash]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini
new file mode 100644
index 00000000000..5253448b548
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href_blank.html]
+  [javascript: navigation using <a href target=_blank> should be refused due to wrong hash]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini
new file mode 100644
index 00000000000..413b1198c61
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-window_location.html]
+  [Test that the javascript: src is not allowed to run]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini
new file mode 100644
index 00000000000..2e96e3d7594
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-window_open.html]
+  [Test that the javascript: src is not allowed to run]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini
new file mode 100644
index 00000000000..1b173ed7507
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini
@@ -0,0 +1,4 @@
+[script_event_handlers_denied_missing_unsafe_hashes.html]
+  expected: TIMEOUT
+  [Test that the inline event handler is not allowed to run]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini
new file mode 100644
index 00000000000..85499b57550
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini
@@ -0,0 +1,4 @@
+[script_event_handlers_denied_wrong_hash.html]
+  expected: TIMEOUT
+  [Test that the inline event handler is not allowed to run]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini
new file mode 100644
index 00000000000..26dc98e8f62
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini
@@ -0,0 +1,4 @@
+[style_attribute_denied_missing_unsafe_hashes.html]
+  expected: TIMEOUT
+  [Test that the inline style attribute is blocked]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini b/tests/wpt/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini
new file mode 100644
index 00000000000..3031a4f6f77
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini
@@ -0,0 +1,4 @@
+[style_attribute_denied_wrong_hash.html]
+  expected: TIMEOUT
+  [Test that the inline style attribute is blocked]
+    expected: NOTRUN
diff --git a/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-default-src-none.html.ini b/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-default-src-none.html.ini
new file mode 100644
index 00000000000..bda6bb22662
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-default-src-none.html.ini
@@ -0,0 +1,3 @@
+[webrtc-allowed-default-src-none.html]
+  [webrtc allowed with default-src 'none']
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini b/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini
new file mode 100644
index 00000000000..4af6b371b85
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini
@@ -0,0 +1,3 @@
+[webrtc-allowed-explicit.html]
+  [webrtc allowed with an explicit webrtc allowed policy]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-nopolicy.html.ini b/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-nopolicy.html.ini
new file mode 100644
index 00000000000..c5df58eec7d
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/webrtc/webrtc-allowed-nopolicy.html.ini
@@ -0,0 +1,3 @@
+[webrtc-allowed-nopolicy.html]
+  [webrtc allowed with no policy]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini b/tests/wpt/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini
new file mode 100644
index 00000000000..08f9839e5db
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini
@@ -0,0 +1,3 @@
+[webrtc-blocked-explicit.html]
+  [webrtc blocked with an explicit webrtc blocked policy]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini b/tests/wpt/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini
new file mode 100644
index 00000000000..8ac24260a7b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini
@@ -0,0 +1,3 @@
+[webrtc-blocked-unknown.html]
+  [webrtc blocked with an unrecognized explicit webrtc policy]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini
new file mode 100644
index 00000000000..66b55497454
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini
@@ -0,0 +1,6 @@
+[dedicated-none.sub.html]
+  [Same-origin dedicated worker blocked by host-source expression.]
+    expected: FAIL
+
+  [blob: dedicated worker blocked by 'blob:'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini
new file mode 100644
index 00000000000..f9325472c4f
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[dedicated-worker-src-child-fallback-blocked.sub.html]
+  [Same-origin dedicated worker allowed by worker-src 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-child.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-child.https.sub.html.ini
new file mode 100644
index 00000000000..6b731628095
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-child.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-child.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by host-source expression.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini
new file mode 100644
index 00000000000..be55e35f549
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-fallback.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by host-source expression.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-list.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-list.https.sub.html.ini
new file mode 100644
index 00000000000..2417914a0a1
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-list.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-list.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by host-source expression.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-none.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-none.https.sub.html.ini
new file mode 100644
index 00000000000..30b52f38ed2
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-none.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-none.https.sub.html]
+  [Same-origin service worker blocked by 'none'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-self.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-self.https.sub.html.ini
new file mode 100644
index 00000000000..c9daf2455ed
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-self.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-self.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by 'self'.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini
new file mode 100644
index 00000000000..5b2d82aa71e
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-worker-src-child-fallback-blocked.https.sub.html]
+  [Same-origin service worker allowed by child-src 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini
new file mode 100644
index 00000000000..6599ba16cba
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-worker-src-child-fallback.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by child-src 'self'.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini
new file mode 100644
index 00000000000..217c1b6f1a4
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-worker-src-default-fallback.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by default-src 'self'.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini
new file mode 100644
index 00000000000..ffcf76f5780
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-worker-src-script-fallback.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by script-src 'self'.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini
new file mode 100644
index 00000000000..2df736dc563
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini
@@ -0,0 +1,4 @@
+[service-worker-src-self-fallback.https.sub.html]
+  expected: TIMEOUT
+  [Same-origin service worker allowed by worker-src 'self'.]
+    expected: TIMEOUT
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-child.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-child.sub.html.ini
new file mode 100644
index 00000000000..0e5f7c2a38b
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-child.sub.html.ini
@@ -0,0 +1,6 @@
+[shared-child.sub.html]
+  [Same-origin dedicated worker allowed by 'self'.]
+    expected: FAIL
+
+  [blob: dedicated worker allowed by 'blob:'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini
new file mode 100644
index 00000000000..47f3a03406c
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini
@@ -0,0 +1,6 @@
+[shared-fallback.sub.html]
+  [Same-origin dedicated worker allowed by 'self'.]
+    expected: FAIL
+
+  [blob: dedicated worker allowed by 'blob:'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-list.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-list.sub.html.ini
new file mode 100644
index 00000000000..a88259b9801
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-list.sub.html.ini
@@ -0,0 +1,6 @@
+[shared-list.sub.html]
+  [Same-origin dedicated worker allowed by 'self'.]
+    expected: FAIL
+
+  [blob: dedicated worker allowed by 'blob:'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-none.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-none.sub.html.ini
new file mode 100644
index 00000000000..dd44f6df2ff
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-none.sub.html.ini
@@ -0,0 +1,6 @@
+[shared-none.sub.html]
+  [Same-origin shared worker blocked by 'none'.]
+    expected: FAIL
+
+  [blob: shared worker blocked by 'none'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-self.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-self.sub.html.ini
new file mode 100644
index 00000000000..9b929e77ef7
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-self.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-self.sub.html]
+  [Same-origin dedicated worker allowed by 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini
new file mode 100644
index 00000000000..999f7606838
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-child-fallback-blocked.sub.html]
+  [Same-origin shared worker allowed by child-src 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini
new file mode 100644
index 00000000000..e1fc9f7f652
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-child-fallback.sub.html]
+  [Same-origin shared worker allowed by child-src 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini
new file mode 100644
index 00000000000..901cce76a88
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-default-fallback.sub.html]
+  [Same-origin shared worker allowed by default-src 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini
new file mode 100644
index 00000000000..4225fd25173
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-script-fallback.sub.html]
+  [Same-origin shared worker allowed by script-src 'self'.]
+    expected: FAIL
diff --git a/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini
new file mode 100644
index 00000000000..427dbde5fe5
--- /dev/null
+++ b/tests/wpt/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-self-fallback.sub.html]
+  [Same-origin shared worker allowed by worker-src 'self'.]
+    expected: FAIL