csp.https.window.js (1440B)
1 // META: script=/common/dispatcher/dispatcher.js 2 // META: script=/common/get-host-info.sub.js 3 // META: script=/common/utils.js 4 5 promise_test((t) => { 6 const url = `${get_host_info().HTTP_ORIGIN}/common/text-plain.txt`; 7 const promise = fetch(url, { mode: "no-cors" }); 8 return promise_rejects_js(t, TypeError, promise, "mixed content fetch"); 9 }, "Mixed content checks apply to fetches in sandboxed documents"); 10 11 promise_test(async (t) => { 12 const uuid = token(); 13 const context = new RemoteContext(uuid); 14 15 const iframe = document.body.appendChild(document.createElement("iframe")); 16 iframe.src = remoteExecutorUrl(uuid, { protocol: "http:" }); 17 18 const result = await Promise.race([ 19 context.execute_script(() => "loaded"), 20 new Promise((resolve) => t.step_timeout(() => { 21 resolve("timed out"); 22 }, 1000 /* ms */)), 23 ]); 24 assert_equals(result, "timed out"); 25 }, "Mixed content checks apply to iframes in sandboxed documents"); 26 27 28 promise_test(async (t) => { 29 const uuid = token(); 30 31 const popup = window.open(remoteExecutorUrl(uuid, { protocol: "http:" })); 32 33 const context = new RemoteContext(uuid); 34 const result = await Promise.race([ 35 context.execute_script(() => "loaded"), 36 new Promise((resolve) => t.step_timeout(() => { 37 resolve("timed out"); 38 }, 1000 /* ms */)), 39 ]); 40 assert_equals(result, "timed out"); 41 }, "Mixed content checks apply to popups in sandboxed documents");