set-from-http.https.sub.html (1205B)
1 <!doctype html> 2 <html> 3 <head> 4 <meta charset=utf-8> 5 <title>Set 'secure' cookie from `Set-Cookie` HTTP header on a secure page</title> 6 <meta name=help href="https://tools.ietf.org/html/draft-west-leave-secure-cookies-alone"> 7 <script src="/resources/testharness.js"></script> 8 <script src="/resources/testharnessreport.js"></script> 9 <script src="/cookies/resources/testharness-helpers.js"></script> 10 </head> 11 <body> 12 <div id=log></div> 13 <script> 14 function clearKnownCookie() { 15 document.cookie = "secure_from_secure_http=0; Secure; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/"; 16 } 17 18 test(function () { 19 assert_not_equals(document.cookie.match(/secure_from_secure_http=1/), null); 20 }, "'secure' cookie present in `document.cookie`"); 21 22 promise_test(function (t) { 23 t.add_cleanup(clearKnownCookie); 24 return fetch("https://{{host}}:{{ports[https][0]}}/cookies/resources/echo-json.py", 25 { "credentials": "include" }) 26 .then(function (r) { 27 return r.json(); 28 }) 29 .then(function (j) { 30 assert_equals(j["secure_from_secure_http"], "secure_from_secure_http=1"); 31 }); 32 }, "'secure' cookie sent in HTTP request"); 33 </script> 34 </body> 35 </html>