element-audio.sub.html (7795B)
1 <!DOCTYPE html> 2 <!-- 3 This test was procedurally generated. Please do not modify it directly. 4 Sources: 5 - fetch/metadata/tools/fetch-metadata.conf.yml 6 - fetch/metadata/tools/templates/element-audio.sub.html 7 --> 8 <html lang="en"> 9 <meta charset="utf-8"> 10 <title>HTTP headers on request for HTML "audio" element source</title> 11 <script src="/resources/testharness.js"></script> 12 <script src="/resources/testharnessreport.js"></script> 13 <script src="/fetch/metadata/resources/helper.sub.js"></script> 14 <body> 15 <script> 16 'use strict'; 17 18 function induceRequest(url, attributes) { 19 const audio = document.createElement('audio'); 20 21 for (const [ name, value ] of Object.entries(attributes)) { 22 audio.setAttribute(name, value); 23 } 24 25 return new Promise((resolve) => { 26 audio.setAttribute('src', url); 27 audio.onload = audio.onerror = resolve; 28 }); 29 } 30 31 promise_test(() => { 32 const key = '{{uuid()}}'; 33 34 return induceRequest( 35 makeRequestURL(key, ['httpOrigin']), 36 {} 37 ) 38 .then(() => retrieve(key)) 39 .then((headers) => { 40 assert_not_own_property(headers, 'sec-fetch-site'); 41 }); 42 }, 'sec-fetch-site - Not sent to non-trustworthy same-origin destination, no attributes'); 43 44 promise_test(() => { 45 const key = '{{uuid()}}'; 46 47 return induceRequest( 48 makeRequestURL(key, ['httpSameSite']), 49 {} 50 ) 51 .then(() => retrieve(key)) 52 .then((headers) => { 53 assert_not_own_property(headers, 'sec-fetch-site'); 54 }); 55 }, 'sec-fetch-site - Not sent to non-trustworthy same-site destination, no attributes'); 56 57 promise_test(() => { 58 const key = '{{uuid()}}'; 59 60 return induceRequest( 61 makeRequestURL(key, ['httpCrossSite']), 62 {} 63 ) 64 .then(() => retrieve(key)) 65 .then((headers) => { 66 assert_not_own_property(headers, 'sec-fetch-site'); 67 }); 68 }, 'sec-fetch-site - Not sent to non-trustworthy cross-site destination, no attributes'); 69 70 promise_test(() => { 71 const key = '{{uuid()}}'; 72 73 return induceRequest( 74 makeRequestURL(key, ['httpOrigin']), 75 {} 76 ) 77 .then(() => retrieve(key)) 78 .then((headers) => { 79 assert_not_own_property(headers, 'sec-fetch-mode'); 80 }); 81 }, 'sec-fetch-mode - Not sent to non-trustworthy same-origin destination, no attributes'); 82 83 promise_test(() => { 84 const key = '{{uuid()}}'; 85 86 return induceRequest( 87 makeRequestURL(key, ['httpSameSite']), 88 {} 89 ) 90 .then(() => retrieve(key)) 91 .then((headers) => { 92 assert_not_own_property(headers, 'sec-fetch-mode'); 93 }); 94 }, 'sec-fetch-mode - Not sent to non-trustworthy same-site destination, no attributes'); 95 96 promise_test(() => { 97 const key = '{{uuid()}}'; 98 99 return induceRequest( 100 makeRequestURL(key, ['httpCrossSite']), 101 {} 102 ) 103 .then(() => retrieve(key)) 104 .then((headers) => { 105 assert_not_own_property(headers, 'sec-fetch-mode'); 106 }); 107 }, 'sec-fetch-mode - Not sent to non-trustworthy cross-site destination, no attributes'); 108 109 promise_test(() => { 110 const key = '{{uuid()}}'; 111 112 return induceRequest( 113 makeRequestURL(key, ['httpOrigin']), 114 {} 115 ) 116 .then(() => retrieve(key)) 117 .then((headers) => { 118 assert_not_own_property(headers, 'sec-fetch-dest'); 119 }); 120 }, 'sec-fetch-dest - Not sent to non-trustworthy same-origin destination, no attributes'); 121 122 promise_test(() => { 123 const key = '{{uuid()}}'; 124 125 return induceRequest( 126 makeRequestURL(key, ['httpSameSite']), 127 {} 128 ) 129 .then(() => retrieve(key)) 130 .then((headers) => { 131 assert_not_own_property(headers, 'sec-fetch-dest'); 132 }); 133 }, 'sec-fetch-dest - Not sent to non-trustworthy same-site destination, no attributes'); 134 135 promise_test(() => { 136 const key = '{{uuid()}}'; 137 138 return induceRequest( 139 makeRequestURL(key, ['httpCrossSite']), 140 {} 141 ) 142 .then(() => retrieve(key)) 143 .then((headers) => { 144 assert_not_own_property(headers, 'sec-fetch-dest'); 145 }); 146 }, 'sec-fetch-dest - Not sent to non-trustworthy cross-site destination, no attributes'); 147 148 promise_test(() => { 149 const key = '{{uuid()}}'; 150 151 return induceRequest( 152 makeRequestURL(key, ['httpOrigin']), 153 {} 154 ) 155 .then(() => retrieve(key)) 156 .then((headers) => { 157 assert_not_own_property(headers, 'sec-fetch-user'); 158 }); 159 }, 'sec-fetch-user - Not sent to non-trustworthy same-origin destination, no attributes'); 160 161 promise_test(() => { 162 const key = '{{uuid()}}'; 163 164 return induceRequest( 165 makeRequestURL(key, ['httpSameSite']), 166 {} 167 ) 168 .then(() => retrieve(key)) 169 .then((headers) => { 170 assert_not_own_property(headers, 'sec-fetch-user'); 171 }); 172 }, 'sec-fetch-user - Not sent to non-trustworthy same-site destination, no attributes'); 173 174 promise_test(() => { 175 const key = '{{uuid()}}'; 176 177 return induceRequest( 178 makeRequestURL(key, ['httpCrossSite']), 179 {} 180 ) 181 .then(() => retrieve(key)) 182 .then((headers) => { 183 assert_not_own_property(headers, 'sec-fetch-user'); 184 }); 185 }, 'sec-fetch-user - Not sent to non-trustworthy cross-site destination, no attributes'); 186 187 promise_test(() => { 188 const key = '{{uuid()}}'; 189 190 return induceRequest( 191 makeRequestURL(key, ['httpOrigin']), 192 {} 193 ) 194 .then(() => retrieve(key)) 195 .then((headers) => { 196 assert_not_own_property(headers, 'sec-fetch-storage-access'); 197 }); 198 }, 'sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination, no attributes'); 199 200 promise_test(() => { 201 const key = '{{uuid()}}'; 202 203 return induceRequest( 204 makeRequestURL(key, ['httpSameSite']), 205 {} 206 ) 207 .then(() => retrieve(key)) 208 .then((headers) => { 209 assert_not_own_property(headers, 'sec-fetch-storage-access'); 210 }); 211 }, 'sec-fetch-storage-access - Not sent to non-trustworthy same-site destination, no attributes'); 212 213 promise_test(() => { 214 const key = '{{uuid()}}'; 215 216 return induceRequest( 217 makeRequestURL(key, ['httpCrossSite']), 218 {} 219 ) 220 .then(() => retrieve(key)) 221 .then((headers) => { 222 assert_not_own_property(headers, 'sec-fetch-storage-access'); 223 }); 224 }, 'sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination, no attributes'); 225 226 promise_test(() => { 227 const key = '{{uuid()}}'; 228 229 return induceRequest( 230 makeRequestURL(key, ['httpsOrigin', 'httpOrigin']), 231 {} 232 ) 233 .then(() => retrieve(key)) 234 .then((headers) => { 235 assert_not_own_property(headers, 'sec-fetch-site'); 236 }); 237 }, 'sec-fetch-site - HTTPS downgrade (header not sent), no attributes'); 238 239 promise_test(() => { 240 const key = '{{uuid()}}'; 241 242 return induceRequest( 243 makeRequestURL(key, ['httpOrigin', 'httpsOrigin']), 244 {} 245 ) 246 .then(() => retrieve(key)) 247 .then((headers) => { 248 assert_own_property(headers, 'sec-fetch-site'); 249 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 250 }); 251 }, 'sec-fetch-site - HTTPS upgrade, no attributes'); 252 253 promise_test(() => { 254 const key = '{{uuid()}}'; 255 256 return induceRequest( 257 makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']), 258 {} 259 ) 260 .then(() => retrieve(key)) 261 .then((headers) => { 262 assert_own_property(headers, 'sec-fetch-site'); 263 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 264 }); 265 }, 'sec-fetch-site - HTTPS downgrade-upgrade, no attributes'); 266 </script> 267 </body> 268 </html>