mirror of
https://github.com/servo/servo.git
synced 2025-08-05 21:50:18 +01:00
37 lines
1.2 KiB
HTML
37 lines
1.2 KiB
HTML
<!DOCTYPE html>
|
|
<script src=/resources/testharness.js></script>
|
|
<script src=/resources/testharnessreport.js></script>
|
|
<script src=/fetch/sec-metadata/resources/helper.js></script>
|
|
<script>
|
|
// http -> https should see `Sec-Fetch-Site: cross-site`.
|
|
// This is a regression test for
|
|
// https://github.com/w3c/webappsec-fetch-metadata/issues/34
|
|
promise_test(t => {
|
|
assert_equals(location.protocol, "http:");
|
|
return fetch("https://{{host}}:{{ports[https][0]}}/fetch/sec-metadata/resources/echo-as-json.py")
|
|
.then(r => r.json())
|
|
.then(j => {
|
|
assert_header_equals(j, {
|
|
"dest": "empty",
|
|
"site": "cross-site",
|
|
"user": "",
|
|
"mode": "cors",
|
|
});
|
|
});
|
|
}, "http->https fetch (cross-scheme => cross-site)");
|
|
|
|
// http -> http should see no `Sec-Fetch-Site`.
|
|
promise_test(t => {
|
|
assert_equals(location.protocol, "http:");
|
|
return fetch("resources/echo-as-json.py")
|
|
.then(r => r.json())
|
|
.then(j => {
|
|
assert_header_equals(j, {
|
|
"dest": "",
|
|
"site": "",
|
|
"user": "",
|
|
"mode": "",
|
|
});
|
|
});
|
|
}, "http->http fetch (non-trustworthy destination => no sec-metadata)");
|
|
</script>
|