non-secure.http.html (1815B)
1 <html> 2 <body> 3 <script src="/resources/testharness.js"></script> 4 <script src="/resources/testharnessreport.js"></script> 5 6 <script> 7 8 // When the response for the HTML file contains "Accept-CH" in the response 9 // headers, then the browser should not attach the specified client hints in 10 // the HTTP request headers if the response was delivered by an insecure HTTP 11 // server. Test this functionality by fetching an XHR from this page hosted on 12 // an insecure HTTP server. The response headers for this page include 13 // "Accept-CH: device-memory, dpr, viewport-width, rtt, downlink, ect". 14 // 15 // resources/echo-client-hints-received.py sets the response headers depending on the set 16 // of client hints it receives in the request headers. 17 18 promise_test(t => { 19 return fetch("/client-hints/resources/echo-client-hints-received.py").then(r => { 20 assert_equals(r.status, 200) 21 // Verify that the browser does not include client hints in the headers 22 // when fetching the XHR from an insecure HTTP server. 23 assert_false(r.headers.has("device-memory-received"), "device-memory-received"); 24 assert_false(r.headers.has("device-memory-deprecated-received"), "device-memory-deprecated-received"); 25 assert_false(r.headers.has("dpr-received"), "dpr-received"); 26 assert_false(r.headers.has("dpr-deprecated-received"), "dpr-deprecated-received"); 27 assert_false(r.headers.has("viewport-width-received"), "viewport-width-received"); 28 assert_false(r.headers.has("viewport-width-deprecated-received"), "viewport-width-deprecated-received"); 29 assert_false(r.headers.has("rtt-received"), "rtt-received"); 30 assert_false(r.headers.has("downlink-received"), "downlink-received"); 31 assert_false(r.headers.has("ect-received"), "ect-received"); 32 }); 33 }, "Accept-CH header test"); 34 35 </script> 36 37 </body> 38 </html>