mixed-content-cors.https.sub.html (3761B)
1 <!DOCTYPE html> 2 <html> 3 <head> 4 <title>Test mixed content autoupgrade behavior for CORS request</title> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 <script src="/common/get-host-info.sub.js"></script> 8 </head> 9 <body> 10 <script> 11 // Test that request with CORS get upgraded for audio elements 12 async_test( 13 (t) => assert_other_host_audio_loads(t), 14 "Cross-Origin audio should get upgraded even if CORS is set" 15 ); 16 17 function assert_other_host_audio_loads(test) { 18 // Since autoupgrades don't upgrade custom ports, we use the https port with an HTTP scheme. A successful autoupgrade will result in the right URL loading (and no autoupgrade will result in failure). 19 var otherHost = get_host_info().HTTP_NOTSAMESITE_ORIGIN.slice(0, -4); // cut of http port 20 var url = 21 otherHost + 22 "{{ports[https][0]}}/mixed-content/tentative/resources/test.wav?pipe=header(Access-Control-Allow-Origin,*)"; 23 var i = document.createElement("audio"); 24 i.oncanplaythrough = test.step_func_done((_) => { 25 assert_equals(i.duration, 1, "Length of other host audio is correct"); 26 }); 27 i.onerror = test.unreached_func( 28 "Audio of other host should load successfully from " + url 29 ); 30 i.crossOrigin = "anonymous"; 31 i.src = url; 32 } 33 34 // Test that request with CORS get upgraded for image elements 35 async_test( 36 (t) => assert_other_host_image_loads(t), 37 "Cross-Origin image should get upgraded even if CORS is set" 38 ); 39 40 function assert_other_host_image_loads(test) { 41 // Since autoupgrades don't upgrade custom ports, we use the https port with an HTTP scheme. A successful autoupgrade will result in the right URL loading (and no autoupgrade will result in failure). 42 var otherHost = get_host_info().HTTP_NOTSAMESITE_ORIGIN.slice(0, -4); // cut of http port 43 var url = new URL( 44 otherHost + 45 "{{ports[https][0]}}/mixed-content/tentative/resources/pass.png?pipe=header(Access-Control-Allow-Origin,*)" 46 ); 47 var i = document.createElement("img"); 48 i.onload = test.step_func_done((_) => { 49 assert_equals(i.naturalHeight, 64, "Height."); 50 assert_equals(i.naturalWidth, 168, "Width."); 51 }); 52 i.crossOrigin = "anonymous"; 53 i.onerror = test.unreached_func( 54 "image of other host should load successfully from " + url 55 ); 56 i.src = url; 57 } 58 59 // Test that request with CORS get upgraded for video elements 60 async_test( 61 (t) => assert_other_host_video_loads(t), 62 "Cross-Origin video should get upgraded even if CORS is set" 63 ); 64 65 function assert_other_host_video_loads(test) { 66 // Since autoupgrades don't upgrade custom ports, we use the https port with an HTTP scheme. A successful autoupgrade will result in the right URL loading (and no autoupgrade will result in failure). 67 var otherHost = get_host_info().HTTP_NOTSAMESITE_ORIGIN.slice(0, -4); // cut of http port 68 var url = new URL( 69 otherHost + 70 "{{ports[https][0]}}/mixed-content/tentative/resources/test.webm?pipe=header(Access-Control-Allow-Origin,*)" 71 ); 72 var i = document.createElement("video"); 73 i.oncanplaythrough = test.step_func_done((_) => { 74 assert_equals(Math.floor(i.duration), 1, "Length. Other host"); 75 }); 76 i.crossOrigin = "anonymous"; 77 i.onerror = test.unreached_func( 78 "Video of other host should load successfully from " + url 79 ); 80 i.src = url; 81 } 82 </script> 83 </body> 84 </html>