Merge pull request #7914 from rmcilroy/fix_raf
Change callback-timeout-with-raf to use setTimeout.
diff --git a/background-fetch/mixed-content-and-allowed-schemes.https.window.js b/background-fetch/mixed-content-and-allowed-schemes.https.window.js
index 50614a3..f9ebafc 100644
--- a/background-fetch/mixed-content-and-allowed-schemes.https.window.js
+++ b/background-fetch/mixed-content-and-allowed-schemes.https.window.js
@@ -26,10 +26,9 @@
return bgFetch.fetch(uniqueTag(), 'http://[::1]');
}, 'loopback IPv6 http: fetch should register ok');
-// http://localhost is not tested here since the correct behavior from
-// https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
-// depends on whether the UA conforms to the name resolution rules in
-// https://tools.ietf.org/html/draft-west-let-localhost-be-localhost
+backgroundFetchTest((t, bgFetch) => {
+ return bgFetch.fetch(uniqueTag(), 'http://localhost');
+}, 'localhost http: fetch should register ok');
backgroundFetchTest((t, bgFetch) => {
return promise_rejects(t, new TypeError(),
diff --git a/content-security-policy/blink-contrib-2/base-uri-allow.sub.html b/content-security-policy/blink-contrib-2/base-uri-allow.sub.html
deleted file mode 100644
index 1437774..0000000
--- a/content-security-policy/blink-contrib-2/base-uri-allow.sub.html
+++ /dev/null
@@ -1,36 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>base-uri-allow</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-base-uri http://www1.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline' http://www1.{{host}}:{{ports[http][0]}}; connect-src 'self';
--->
- <base href="http://www1.{{host}}:{{ports[http][0]}}/">
- <script>
- test(function() {
- if ('{{ports[http][0]}}' == '80' ||
- '{{ports[http][0]}}' == '443') {
- assert_equals(document.baseURI, 'http://www1.{{host}}/');
- } else {
- assert_equals(document.baseURI, 'http://www1.{{host}}' + ':{{ports[http][0]}}/');
- }
-
- log("TEST COMPLETE")
- });
-
- </script>
-</head>
-
-<body>
- <p>Check that base URIs can be set if they do not violate the page's policy.</p>
- <div id="log"></div>
- <script async defer src="./content-security-policy/support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib-2/base-uri-allow.sub.html.sub.headers b/content-security-policy/blink-contrib-2/base-uri-allow.sub.html.sub.headers
deleted file mode 100644
index e749d72..0000000
--- a/content-security-policy/blink-contrib-2/base-uri-allow.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: base-uri-allow={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: base-uri http://www1.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline' http://www1.{{host}}:{{ports[http][0]}}; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/base-uri-deny.sub.html b/content-security-policy/blink-contrib-2/base-uri-deny.sub.html
deleted file mode 100644
index f2b7c59..0000000
--- a/content-security-policy/blink-contrib-2/base-uri-deny.sub.html
+++ /dev/null
@@ -1,33 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>base-uri-deny</title>
- <base href="http://www1.{{host}}:{{ports[http][0]}}/">
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS document.baseURI is document.location.href","TEST COMPLETE"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-base-uri 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
- <script>
- var base = document.createElement('base');
- base.href = 'http://www1.{{host}}:{{ports[http][0]}}/';
- document.head.appendChild(base);
- if (document.baseURI == document.location.href) {
- log("PASS document.baseURI is document.location.href");
- log("TEST COMPLETE");
- }
-
- </script>
-</head>
-
-<body>
- <p>Check that base URIs cannot be set if they violate the page's policy.</p>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=base-uri%20'self'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib-2/base-uri-deny.sub.html.sub.headers b/content-security-policy/blink-contrib-2/base-uri-deny.sub.html.sub.headers
deleted file mode 100644
index 0312c46..0000000
--- a/content-security-policy/blink-contrib-2/base-uri-deny.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: base-uri-deny={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: base-uri 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-allowed.sub.html.sub.headers
deleted file mode 100644
index 88cbfda..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-blocked.sub.html.sub.headers
deleted file mode 100644
index 29351c0..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: form-action 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-default-ignored.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-default-ignored.sub.html.sub.headers
deleted file mode 100644
index 1abbcf5..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-default-ignored.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-default-ignored={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; style-src 'self'; frame-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-get-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-get-allowed.sub.html.sub.headers
deleted file mode 100644
index ac87615..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-get-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-get-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-get-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-get-blocked.sub.html.sub.headers
deleted file mode 100644
index e7a044d..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-get-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-get-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: form-action 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-javascript-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-javascript-blocked.sub.html.sub.headers
deleted file mode 100644
index ffa2288..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-javascript-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-javascript-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: form-action 'none'; script-src 'self' 'nonce-noncynonce'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/form-action-src-redirect-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib-2/form-action-src-redirect-blocked.sub.html.sub.headers
deleted file mode 100644
index ee767f4..0000000
--- a/content-security-policy/blink-contrib-2/form-action-src-redirect-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: form-action-src-redirect-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image-from-script.sub.html b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image-from-script.sub.html
deleted file mode 100644
index 82cad03..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image-from-script.sub.html
+++ /dev/null
@@ -1,27 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>securitypolicyviolation-block-cross-origin-image-from-script</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <script>
- var x = document.createElement('script');
- x.src = 'http://{{host}}:{{ports[http][0]}}/content-security-policy/support/inject-image.js';
- document.body.appendChild(x);
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=img-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.sub.headers b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.sub.headers
deleted file mode 100644
index 723ed28..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: securitypolicyviolation-block-cross-origin-image-from-script={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image.sub.html b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image.sub.html
deleted file mode 100644
index 9b7dc32..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image.sub.html
+++ /dev/null
@@ -1,29 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>securitypolicyviolation-block-cross-origin-image</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <script>
- var img = document.createElement('img');
- img.src = 'http://{{host}}:{{ports[http][0]}}/security/resources/abe.png';
- document.body.appendChild(img);
- log("TEST COMPLETE");
-
- </script>
- <p>Check that a SecurityPolicyViolationEvent strips detail from cross-origin blocked URLs.</p>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=img-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image.sub.html.sub.headers b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image.sub.html.sub.headers
deleted file mode 100644
index d701a47..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-cross-origin-image.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: securitypolicyviolation-block-cross-origin-image={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image-from-script.sub.html b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image-from-script.sub.html
deleted file mode 100644
index 33facfb..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image-from-script.sub.html
+++ /dev/null
@@ -1,29 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>securitypolicyviolation-block-image-from-script</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <script>
- var script = document.createElement('script');
- script.src = '../support/inject-image.js';
- document.body.appendChild(script);
- log("TEST COMPLETE");
-
- </script>
- <p>Check that a SecurityPolicyViolationEvent is fired upon blocking an image injected via script.</p>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=img-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image-from-script.sub.html.sub.headers b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image-from-script.sub.html.sub.headers
deleted file mode 100644
index 6b6084d..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image-from-script.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: securitypolicyviolation-block-image-from-script={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image.sub.html b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image.sub.html
deleted file mode 100644
index 3e62e2d..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image.sub.html
+++ /dev/null
@@ -1,34 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>securitypolicyviolation-block-image</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <script>
- var img = document.createElement('img');
- img.src = '../support/fail.png';
- img.onerror = function() {
- log("TEST COMPLETE");
- };
- img.onload = function() {
- log("FAIL");
- };
- document.body.appendChild(img);
-
- </script>
- <p>Check that a SecurityPolicyViolationEvent is fired upon blocking an image.</p>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=img-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image.sub.html.sub.headers b/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image.sub.html.sub.headers
deleted file mode 100644
index 1f4f845..0000000
--- a/content-security-policy/blink-contrib-2/securitypolicyviolation-block-image.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: securitypolicyviolation-block-image={{$id:uuid()}}; Path=/content-security-policy/blink-contrib-2
-Content-Security-Policy: img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/blob-urls-do-not-match-self.sub.html.sub.headers b/content-security-policy/blink-contrib/blob-urls-do-not-match-self.sub.html.sub.headers
deleted file mode 100644
index cbfc8d4..0000000
--- a/content-security-policy/blink-contrib/blob-urls-do-not-match-self.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: blob-urls-do-not-match-self={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; child-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/blob-urls-match-blob.sub.html.sub.headers b/content-security-policy/blink-contrib/blob-urls-match-blob.sub.html.sub.headers
deleted file mode 100644
index be74e61..0000000
--- a/content-security-policy/blink-contrib/blob-urls-match-blob.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: blob-urls-match-blob={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' blob:; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/combine-header-and-meta-policies.sub.html.sub.headers b/content-security-policy/blink-contrib/combine-header-and-meta-policies.sub.html.sub.headers
deleted file mode 100644
index b1f0e7f..0000000
--- a/content-security-policy/blink-contrib/combine-header-and-meta-policies.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: combine-header-and-meta-policies={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; style-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-beacon-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-beacon-allowed.sub.html.sub.headers
deleted file mode 100644
index bd3eda4..0000000
--- a/content-security-policy/blink-contrib/connect-src-beacon-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-beacon-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-beacon-blocked.sub.html b/content-security-policy/blink-contrib/connect-src-beacon-blocked.sub.html
deleted file mode 100644
index f68d3c3..0000000
--- a/content-security-policy/blink-contrib/connect-src-beacon-blocked.sub.html
+++ /dev/null
@@ -1,40 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>connect-src-beacon-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["Pass"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';
--->
-</head>
-
-<body>
- <script>
- if (typeof navigator.sendBeacon != 'function') {
- t_log.set_status(t_log.NOTRUN, "No navigator.sendBeacon, cannot run test.");
- t_log.phase = t_log.phases.HAS_RESULT;
- t_log.done();
- } else {
- try {
- var es = navigator.sendBeacon("http://www1.{{host}}:{{ports[http][0]}}/security/contentSecurityPolicy/echo-report.php");
- log("Pass");
- } catch (e) {
- log("Fail");
- }
- var report = document.createElement("script");
- report.src = "../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'";
- report.async = true;
- report.defer = true;
- document.body.appendChild(report);
- }
-
- </script>
- <div id="log"></div>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/connect-src-beacon-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-beacon-blocked.sub.html.sub.headers
deleted file mode 100644
index 69ded8d..0000000
--- a/content-security-policy/blink-contrib/connect-src-beacon-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-beacon-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-beacon-redirect-to-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-beacon-redirect-to-blocked.sub.html.sub.headers
deleted file mode 100644
index 2c69d0d..0000000
--- a/content-security-policy/blink-contrib/connect-src-beacon-redirect-to-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-beacon-redirect-to-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-eventsource-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-eventsource-allowed.sub.html.sub.headers
deleted file mode 100644
index eff5c54..0000000
--- a/content-security-policy/blink-contrib/connect-src-eventsource-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-eventsource-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-eventsource-blocked.sub.html b/content-security-policy/blink-contrib/connect-src-eventsource-blocked.sub.html
deleted file mode 100644
index 5be570c..0000000
--- a/content-security-policy/blink-contrib/connect-src-eventsource-blocked.sub.html
+++ /dev/null
@@ -1,40 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>connect-src-eventsource-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["Pass"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self'; script-src 'self' 'unsafe-inline';
--->
-</head>
-
-<body>
- <script>
- try {
- var es = new EventSource("http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/simple-event-stream");
- // Firefox doesn't throw an exception and takes some time to close async
- if (es.readyState == EventSource.CONNECTING) {
- setTimeout( function() {
- es.readyState != EventSource.CLOSED ? log("Fail") : log("Pass");
- }, 2);
- } else if (es.readyState == EventSource.CLOSED) {
- log("Pass");
- } else {
- log("Fail");
- }
-
- } catch (e) {
- log("Pass");
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/connect-src-eventsource-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-eventsource-blocked.sub.html.sub.headers
deleted file mode 100644
index ac37816..0000000
--- a/content-security-policy/blink-contrib/connect-src-eventsource-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-eventsource-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-eventsource-redirect-to-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-eventsource-redirect-to-blocked.sub.html.sub.headers
deleted file mode 100644
index c63c8a9..0000000
--- a/content-security-policy/blink-contrib/connect-src-eventsource-redirect-to-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-eventsource-redirect-to-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self' http://{{host}}:{{ports[http][0]}}/security/contentSecurityPolicy/resources/redir.php; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-websocket-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-websocket-allowed.sub.html.sub.headers
deleted file mode 100644
index 7074351..0000000
--- a/content-security-policy/blink-contrib/connect-src-websocket-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-websocket-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self' ws://127.0.0.1:8880; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-websocket-blocked.sub.html b/content-security-policy/blink-contrib/connect-src-websocket-blocked.sub.html
deleted file mode 100644
index 68f86de..0000000
--- a/content-security-policy/blink-contrib/connect-src-websocket-blocked.sub.html
+++ /dev/null
@@ -1,30 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>connect-src-websocket-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["Pass"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self' ws://127.0.0.1:8880; script-src 'self' 'unsafe-inline';
--->
-</head>
-
-<body>
- <script>
- try {
- var ws = new WebSocket("ws://localhost:8880/echo");
- log("Fail");
- } catch (e) {
- log("Pass");
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20ws://127.0.0.1:8880"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/connect-src-websocket-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-websocket-blocked.sub.html.sub.headers
deleted file mode 100644
index 69036f5..0000000
--- a/content-security-policy/blink-contrib/connect-src-websocket-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-websocket-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self' ws://127.0.0.1:8880; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-xmlhttprequest-allowed.sub.html.sub.headers
deleted file mode 100644
index dbabcad..0000000
--- a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-xmlhttprequest-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-blocked.sub.html b/content-security-policy/blink-contrib/connect-src-xmlhttprequest-blocked.sub.html
deleted file mode 100644
index 014bb21..0000000
--- a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-blocked.sub.html
+++ /dev/null
@@ -1,37 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>connect-src-xmlhttprequest-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["Pass"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self'; script-src 'self' 'unsafe-inline';
--->
-</head>
-
-<body>
- <script>
- try {
- var xhr = new XMLHttpRequest;
- xhr.open("GET", "http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.png", true);
- xhr.send();
- xhr.onload = function() {
- log("Fail");
- }
- xhr.onerror = function() {
- log("Pass");
- }
- } catch (e) {
- log("Pass");
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-xmlhttprequest-blocked.sub.html.sub.headers
deleted file mode 100644
index d338034..0000000
--- a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-xmlhttprequest-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.sub.headers
deleted file mode 100644
index 452104e..0000000
--- a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: connect-src-xmlhttprequest-redirect-to-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/default-src-inline-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/default-src-inline-allowed.sub.html.sub.headers
deleted file mode 100644
index f223f06..0000000
--- a/content-security-policy/blink-contrib/default-src-inline-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: default-src-inline-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: default-src 'self' about: 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/default-src-inline-blocked.sub.html b/content-security-policy/blink-contrib/default-src-inline-blocked.sub.html
deleted file mode 100644
index ad66a9d..0000000
--- a/content-security-policy/blink-contrib/default-src-inline-blocked.sub.html
+++ /dev/null
@@ -1,27 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>default-src-inline-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <!-- enforcing policy:
-default-src 'self'; connect-src 'self';
--->
-</head>
-
-<body>
- This test passes if the inline scripts don't create failing tests and a CSP report is sent.
- <script>
- test(function() {
- assert_unreached('FAIL inline script ran')
- });
-
- </script>
- <script src="resources/document-write-alert-fail.js"></script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=default-src%20'self'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/default-src-inline-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/default-src-inline-blocked.sub.html.sub.headers
deleted file mode 100644
index 63ea706..0000000
--- a/content-security-policy/blink-contrib/default-src-inline-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: default-src-inline-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: default-src 'self'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/duplicate-directive.sub.html.sub.headers b/content-security-policy/blink-contrib/duplicate-directive.sub.html.sub.headers
deleted file mode 100644
index eefd719..0000000
--- a/content-security-policy/blink-contrib/duplicate-directive.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: duplicate-directive={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline'; script-src 'none'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-allowed.sub.html.sub.headers
deleted file mode 100644
index 6bf55a1..0000000
--- a/content-security-policy/blink-contrib/eval-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-blocked-and-sends-report.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-blocked-and-sends-report.sub.html.sub.headers
deleted file mode 100644
index f197e41..0000000
--- a/content-security-policy/blink-contrib/eval-blocked-and-sends-report.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-blocked-and-sends-report={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-blocked-in-about-blank-iframe.sub.html b/content-security-policy/blink-contrib/eval-blocked-in-about-blank-iframe.sub.html
deleted file mode 100644
index 449f9d1..0000000
--- a/content-security-policy/blink-contrib/eval-blocked-in-about-blank-iframe.sub.html
+++ /dev/null
@@ -1,10 +0,0 @@
-
-<iframe src="about:blank"></iframe>
-Eval should be blocked in the iframe, but inline script should be allowed.
-<script>
- window.onload = function() {
- frames[0].log("<script>alert_assert(/PASS/); eval('alert_assert(/FAIL/);');<\/script>");
- frames[0].document.close();
- }
-
-</script>
diff --git a/content-security-policy/blink-contrib/eval-blocked-in-about-blank-iframe.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-blocked-in-about-blank-iframe.sub.html.sub.headers
deleted file mode 100644
index 224f25b..0000000
--- a/content-security-policy/blink-contrib/eval-blocked-in-about-blank-iframe.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-blocked-in-about-blank-iframe={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-blocked.sub.html.sub.headers
deleted file mode 100644
index 124f56b..0000000
--- a/content-security-policy/blink-contrib/eval-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-scripts-setInterval-allowed.sub.html b/content-security-policy/blink-contrib/eval-scripts-setInterval-allowed.sub.html
deleted file mode 100644
index 66fa95d..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setInterval-allowed.sub.html
+++ /dev/null
@@ -1,31 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>eval-scripts-setInterval-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS 1 of 2","PASS 2 of 2"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';
--->
-</head>
-<pre>
-<script>
- {
-}
-var id_string = setInterval("clearInterval(id_string); alert_assert('PASS 1 of 2')", 0);
-if (id_string == 0)
- log('FAIL: Return value for string (should not be 0): ' + id_string);
-var id_function = setInterval(function() {
- clearInterval(id_function);
- alert_assert('PASS 2 of 2');
-}, 0);
-if (id_function == 0)
- document.write('FAIL: Return value for function (should not be 0): ' + id_function);
-</script>
-</pre>
-
-</html>
diff --git a/content-security-policy/blink-contrib/eval-scripts-setInterval-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-scripts-setInterval-allowed.sub.html.sub.headers
deleted file mode 100644
index f13ba4c..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setInterval-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-scripts-setInterval-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-scripts-setInterval-blocked.sub.html b/content-security-policy/blink-contrib/eval-scripts-setInterval-blocked.sub.html
deleted file mode 100644
index 45d873c..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setInterval-blocked.sub.html
+++ /dev/null
@@ -1,31 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>eval-scripts-setInterval-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-<pre>
-<script>
- {
-}
-var id = setInterval("alert_assert('FAIL')", 0);
-if (id != 0)
- log('FAIL: Return value for string (should be 0): ' + id);
-var id = setInterval(function() {
- clearInterval(id);
- alert_assert('PASS');
-}, 0);
-if (id == 0)
- document.write('FAIL: Return value for function (should not be 0): ' + id);
-</script>
-</pre>
-
-</html>
diff --git a/content-security-policy/blink-contrib/eval-scripts-setInterval-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-scripts-setInterval-blocked.sub.html.sub.headers
deleted file mode 100644
index 1bd6b63..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setInterval-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-scripts-setInterval-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-scripts-setTimeout-allowed.sub.html b/content-security-policy/blink-contrib/eval-scripts-setTimeout-allowed.sub.html
deleted file mode 100644
index 9b2e595..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setTimeout-allowed.sub.html
+++ /dev/null
@@ -1,30 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>eval-scripts-setTimeout-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS 1 of 2","PASS 2 of 2"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';
--->
-</head>
-<pre>
-<script>
- {
-}
-var id = setTimeout("alert_assert('PASS 1 of 2')", 0);
-if (id == 0)
- log('FAIL: Return value for string (should not be 0): ' + id);
-var id = setTimeout(function() {
- alert_assert('PASS 2 of 2');
-}, 0);
-if (id == 0)
- document.write('FAIL: Return value for function (should not be 0): ' + id);
-</script>
-</pre>
-
-</html>
diff --git a/content-security-policy/blink-contrib/eval-scripts-setTimeout-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-scripts-setTimeout-allowed.sub.html.sub.headers
deleted file mode 100644
index 4d664d6..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setTimeout-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-scripts-setTimeout-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/eval-scripts-setTimeout-blocked.sub.html b/content-security-policy/blink-contrib/eval-scripts-setTimeout-blocked.sub.html
deleted file mode 100644
index 72ed2ce..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setTimeout-blocked.sub.html
+++ /dev/null
@@ -1,30 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>eval-scripts-setTimeout-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-<pre>
-<script>
- {
-}
-var id = setTimeout("alert_assert('FAIL')", 0);
-if (id != 0)
- log('FAIL: Return value for string (should be 0): ' + id);
-var id = setTimeout(function() {
- alert_assert('PASS');
-}, 0);
-if (id == 0)
- document.write('FAIL: Return value for function (should not be 0): ' + id);
-</script>
-</pre>
-
-</html>
diff --git a/content-security-policy/blink-contrib/eval-scripts-setTimeout-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/eval-scripts-setTimeout-blocked.sub.html.sub.headers
deleted file mode 100644
index 81537fe..0000000
--- a/content-security-policy/blink-contrib/eval-scripts-setTimeout-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: eval-scripts-setTimeout-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/filesystem-urls-do-not-match-self.sub.html.sub.headers b/content-security-policy/blink-contrib/filesystem-urls-do-not-match-self.sub.html.sub.headers
deleted file mode 100644
index a68e2a3..0000000
--- a/content-security-policy/blink-contrib/filesystem-urls-do-not-match-self.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: filesystem-urls-do-not-match-self={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/filesystem-urls-match-filesystem.sub.html.sub.headers b/content-security-policy/blink-contrib/filesystem-urls-match-filesystem.sub.html.sub.headers
deleted file mode 100644
index f9956ed..0000000
--- a/content-security-policy/blink-contrib/filesystem-urls-match-filesystem.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: filesystem-urls-match-filesystem={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' filesystem:; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-default.sub.html b/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-default.sub.html
deleted file mode 100644
index a363ce9..0000000
--- a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-default.sub.html
+++ /dev/null
@@ -1,24 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>frame-src-about-blank-allowed-by-default</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
-
- <!-- enforcing policy:
-frame-src 'none'; object-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
- <p>These frames should not be blocked by Content-Security-Policy.
- It's pointless to block about:blank iframes because
- blocking a frame just results in displaying about:blank anyway!
- </p>
- <iframe src="about:blank"></iframe>
- <object type="text/html" data="about:blank"></object>
-
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
\ No newline at end of file
diff --git a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-default.sub.html.sub.headers b/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-default.sub.html.sub.headers
deleted file mode 100644
index ba11699..0000000
--- a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-default.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: frame-src-about-blank-allowed-by-default={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: frame-src 'none'; object-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-scheme.sub.html b/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-scheme.sub.html
deleted file mode 100644
index e4c4739..0000000
--- a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-scheme.sub.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>frame-src-about-blank-allowed-by-scheme</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
-
- <!-- enforcing policy:
-frame-src about:; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
- <p>This frame should not be blocked by Content-Security-Policy.
- </p>
- <iframe src="about:blank"></iframe>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
\ No newline at end of file
diff --git a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-scheme.sub.html.sub.headers b/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-scheme.sub.html.sub.headers
deleted file mode 100644
index e23b82a..0000000
--- a/content-security-policy/blink-contrib/frame-src-about-blank-allowed-by-scheme.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: frame-src-about-blank-allowed-by-scheme={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: frame-src about:; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/frame-src-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/frame-src-allowed.sub.html.sub.headers
deleted file mode 100644
index 05247b4..0000000
--- a/content-security-policy/blink-contrib/frame-src-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: frame-src-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: frame-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/frame-src-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/frame-src-blocked.sub.html.sub.headers
deleted file mode 100644
index bd0e6d1..0000000
--- a/content-security-policy/blink-contrib/frame-src-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: frame-src-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: frame-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/frame-src-cross-origin-load.sub.html.sub.headers b/content-security-policy/blink-contrib/frame-src-cross-origin-load.sub.html.sub.headers
deleted file mode 100644
index 0970bbe..0000000
--- a/content-security-policy/blink-contrib/frame-src-cross-origin-load.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: frame-src-cross-origin-load={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: frame-src 'self' http://www1.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/function-constructor-allowed.sub.html b/content-security-policy/blink-contrib/function-constructor-allowed.sub.html
deleted file mode 100644
index 92cd088..0000000
--- a/content-security-policy/blink-contrib/function-constructor-allowed.sub.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>function-constructor-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';
--->
-</head>
-
-<body>
- <script>
- (new Function("alert_assert('PASS')"))();
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/function-constructor-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/function-constructor-allowed.sub.html.sub.headers
deleted file mode 100644
index dd80eba..0000000
--- a/content-security-policy/blink-contrib/function-constructor-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: function-constructor-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/function-constructor-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/function-constructor-blocked.sub.html.sub.headers
deleted file mode 100644
index eb7da39..0000000
--- a/content-security-policy/blink-contrib/function-constructor-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: function-constructor-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/icon-allowed.sub.html b/content-security-policy/blink-contrib/icon-allowed.sub.html
deleted file mode 100644
index 8bacdd3..0000000
--- a/content-security-policy/blink-contrib/icon-allowed.sub.html
+++ /dev/null
@@ -1,19 +0,0 @@
-<!DOCTYPE html>
-<html>
-<script>
- {}
-
- function createLink(rel, src) {
- var link = document.createElement('link');
- link.rel = rel;
- link.href = src;
- document.head.appendChild(link);
- }
- window.addEventListener('DOMContentLoaded', function() {
- createLink('icon', 'http://localhost/foo?q=from_icon'); {}
- });
-
-</script>
-<p>Use callbacks to show that favicons are loaded as allowed by CSP when link tags are dynamically added to the page.</p>
-
-</html>
diff --git a/content-security-policy/blink-contrib/icon-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/icon-allowed.sub.html.sub.headers
deleted file mode 100644
index b7d557b..0000000
--- a/content-security-policy/blink-contrib/icon-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: icon-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: img-src http://localhost; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/icon-blocked.sub.html b/content-security-policy/blink-contrib/icon-blocked.sub.html
deleted file mode 100644
index 978f25f..0000000
--- a/content-security-policy/blink-contrib/icon-blocked.sub.html
+++ /dev/null
@@ -1,17 +0,0 @@
-<!DOCTYPE html>
-<html>
-<script>
- function createLink(rel, src) {
- var link = document.createElement('link');
- link.rel = rel;
- link.href = src;
- document.head.appendChild(link);
- }
- window.addEventListener('DOMContentLoaded', function() {
- createLink('icon', 'http://localhost/foo?q=from_icon'); {}
- });
-
-</script>
-<p>Use callbacks to show that favicons are not loaded in violation of CSP when link tags are dynamically added to the page.</p>
-
-</html>
diff --git a/content-security-policy/blink-contrib/icon-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/icon-blocked.sub.html.sub.headers
deleted file mode 100644
index c4dc699..0000000
--- a/content-security-policy/blink-contrib/icon-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: icon-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/iframe-inside-csp.sub.html b/content-security-policy/blink-contrib/iframe-inside-csp.sub.html
deleted file mode 100644
index f3d1e14..0000000
--- a/content-security-policy/blink-contrib/iframe-inside-csp.sub.html
+++ /dev/null
@@ -1 +0,0 @@
-<iframe src="resources/sandboxed-eval.php"></iframe>
diff --git a/content-security-policy/blink-contrib/image-allowed.sub.html b/content-security-policy/blink-contrib/image-allowed.sub.html
deleted file mode 100644
index c087692..0000000
--- a/content-security-policy/blink-contrib/image-allowed.sub.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>image-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-img-src *; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <img src="../support/pass.png" onload="alert_assert(this.width == 168 ? 'PASS' : 'FAIL')">
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/image-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/image-allowed.sub.html.sub.headers
deleted file mode 100644
index 3b85fc6..0000000
--- a/content-security-policy/blink-contrib/image-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: image-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: img-src *; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/image-blocked.sub.html b/content-security-policy/blink-contrib/image-blocked.sub.html
deleted file mode 100644
index e572070..0000000
--- a/content-security-policy/blink-contrib/image-blocked.sub.html
+++ /dev/null
@@ -1,23 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>image-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-img-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- This test passes if it doesn't alert FAIL and does alert PASS.
- <img src="../support/pass.png" onload='alert_assert("FAIL")' onerror='alert_assert("PASS")'>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=img-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/image-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/image-blocked.sub.html.sub.headers
deleted file mode 100644
index c58bb88..0000000
--- a/content-security-policy/blink-contrib/image-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: image-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: img-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/image-full-host-wildcard-allowed.sub.html b/content-security-policy/blink-contrib/image-full-host-wildcard-allowed.sub.html
deleted file mode 100644
index 6482654..0000000
--- a/content-security-policy/blink-contrib/image-full-host-wildcard-allowed.sub.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>image-full-host-wildcard-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-img-src http://*.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <img src="http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/pass.png" onload="alert_assert(this.width == 168 ? 'PASS' : 'FAIL')">
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/image-full-host-wildcard-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/image-full-host-wildcard-allowed.sub.html.sub.headers
deleted file mode 100644
index 0f384f0..0000000
--- a/content-security-policy/blink-contrib/image-full-host-wildcard-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: image-full-host-wildcard-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: img-src http://*.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/injected-inline-script-allowed.sub.html b/content-security-policy/blink-contrib/injected-inline-script-allowed.sub.html
deleted file mode 100644
index 8ec6fe4..0000000
--- a/content-security-policy/blink-contrib/injected-inline-script-allowed.sub.html
+++ /dev/null
@@ -1,22 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>injected-inline-script-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["Pass 1 of 2","Pass 2 of 2"]'></script>
- <!-- enforcing policy:
- script-src 'self' 'unsafe-inline'; connect-src 'self';
- -->
-</head>
-
-<body>
- <script src="resources/inject-script.js"></script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/injected-inline-script-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/injected-inline-script-allowed.sub.html.sub.headers
deleted file mode 100644
index 7f34539..0000000
--- a/content-security-policy/blink-contrib/injected-inline-script-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: injected-inline-script-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/injected-inline-script-blocked.sub.html b/content-security-policy/blink-contrib/injected-inline-script-blocked.sub.html
deleted file mode 100644
index bee3f9a..0000000
--- a/content-security-policy/blink-contrib/injected-inline-script-blocked.sub.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>injected-inline-script-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <!-- enforcing policy:
-script-src 'self'; connect-src 'self';
--->
-</head>
-
-<body>
- <script src="resources/inject-script.js"></script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=script-src%20'self'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/injected-inline-script-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/injected-inline-script-blocked.sub.html.sub.headers
deleted file mode 100644
index e90dec6..0000000
--- a/content-security-policy/blink-contrib/injected-inline-script-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: injected-inline-script-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/injected-inline-style-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/injected-inline-style-allowed.sub.html.sub.headers
deleted file mode 100644
index 8a48dc2..0000000
--- a/content-security-policy/blink-contrib/injected-inline-style-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: injected-inline-style-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/injected-inline-style-blocked.sub.html b/content-security-policy/blink-contrib/injected-inline-style-blocked.sub.html
deleted file mode 100644
index 1ed46cb..0000000
--- a/content-security-policy/blink-contrib/injected-inline-style-blocked.sub.html
+++ /dev/null
@@ -1,32 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>injected-inline-style-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body>
- <div id="test1">
- PASS 1/2
- </div>
- <div id="test2">
- PASS 2/2
- </div>
- <script src="resources/inject-style.js"></script>
- <script>
- log(document.styleSheets.length == 0 ? "PASS" : "FAIL");
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=style-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/injected-inline-style-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/injected-inline-style-blocked.sub.html.sub.headers
deleted file mode 100644
index d3f0a5e..0000000
--- a/content-security-policy/blink-contrib/injected-inline-style-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: injected-inline-style-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/inline-style-allowed-while-cloning-objects.sub.html.sub.headers b/content-security-policy/blink-contrib/inline-style-allowed-while-cloning-objects.sub.html.sub.headers
deleted file mode 100644
index 963fa17..0000000
--- a/content-security-policy/blink-contrib/inline-style-allowed-while-cloning-objects.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: inline-style-allowed-while-cloning-objects={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/inline-style-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/inline-style-allowed.sub.html.sub.headers
deleted file mode 100644
index 8ff58f5..0000000
--- a/content-security-policy/blink-contrib/inline-style-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: inline-style-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/inline-style-attribute-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/inline-style-attribute-allowed.sub.html.sub.headers
deleted file mode 100644
index 7d765e2..0000000
--- a/content-security-policy/blink-contrib/inline-style-attribute-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: inline-style-attribute-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/inline-style-attribute-blocked.sub.html b/content-security-policy/blink-contrib/inline-style-attribute-blocked.sub.html
deleted file mode 100644
index 90efe9f..0000000
--- a/content-security-policy/blink-contrib/inline-style-attribute-blocked.sub.html
+++ /dev/null
@@ -1,25 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>inline-style-attribute-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
-</head>
-
-<body style="background-color: blue;">
- <script>
- log(document.body.style.length > 0 ? 'FAIL' : 'PASS');
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=style-src%20'none'"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/inline-style-attribute-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/inline-style-attribute-blocked.sub.html.sub.headers
deleted file mode 100644
index 0b1ec14..0000000
--- a/content-security-policy/blink-contrib/inline-style-attribute-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: inline-style-attribute-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/inline-style-attribute-on-html.sub.html.sub.headers b/content-security-policy/blink-contrib/inline-style-attribute-on-html.sub.html.sub.headers
deleted file mode 100644
index 66bf93f..0000000
--- a/content-security-policy/blink-contrib/inline-style-attribute-on-html.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: inline-style-attribute-on-html={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/inline-style-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/inline-style-blocked.sub.html.sub.headers
deleted file mode 100644
index 0b83063..0000000
--- a/content-security-policy/blink-contrib/inline-style-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: inline-style-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/resources/inject-script.js b/content-security-policy/blink-contrib/resources/inject-script.js
deleted file mode 100644
index 1553719..0000000
--- a/content-security-policy/blink-contrib/resources/inject-script.js
+++ /dev/null
@@ -1,5 +0,0 @@
-document.write("<script>alert_assert('Pass 1 of 2');</script>");
-
-var s = document.createElement('script');
-s.textContent = "alert_assert('Pass 2 of 2');";
-document.body.appendChild(s);
diff --git a/content-security-policy/blink-contrib/resources/postmessage-fail.html b/content-security-policy/blink-contrib/resources/postmessage-fail.html
deleted file mode 100644
index a0308ad..0000000
--- a/content-security-policy/blink-contrib/resources/postmessage-fail.html
+++ /dev/null
@@ -1,4 +0,0 @@
-<script>
- window.parent.postMessage('FAIL', '*');
-
-</script>
diff --git a/content-security-policy/blink-contrib/resources/postmessage-pass.html b/content-security-policy/blink-contrib/resources/postmessage-pass.html
deleted file mode 100644
index 700167b..0000000
--- a/content-security-policy/blink-contrib/resources/postmessage-pass.html
+++ /dev/null
@@ -1,4 +0,0 @@
-<script>
- window.parent.postMessage('PASS', '*');
-
-</script>
diff --git a/content-security-policy/blink-contrib/worker-connect-src-allowed.sub.html b/content-security-policy/blink-contrib/worker-connect-src-allowed.sub.html
deleted file mode 100644
index 9231491..0000000
--- a/content-security-policy/blink-contrib/worker-connect-src-allowed.sub.html
+++ /dev/null
@@ -1,33 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>worker-connect-src-allowed</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["xhr allowed"]'></script>
- <!-- enforcing policy:
-connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';
--->
-
-</head>
-
-<body>
- <script>
- try {
- var worker = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js');
- worker.onmessage = function(event) {
- alert_assert(event.data);
- };
- } catch (e) {
- alert_assert(e);
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/worker-connect-src-allowed.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-connect-src-allowed.sub.html.sub.headers
deleted file mode 100644
index 92ef91f..0000000
--- a/content-security-policy/blink-contrib/worker-connect-src-allowed.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-connect-src-allowed={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-connect-src-blocked.sub.html b/content-security-policy/blink-contrib/worker-connect-src-blocked.sub.html
deleted file mode 100644
index 0541322..0000000
--- a/content-security-policy/blink-contrib/worker-connect-src-blocked.sub.html
+++ /dev/null
@@ -1,38 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>worker-connect-src-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["xhr blocked","TEST COMPLETE"]'></script>
- <!-- enforcing policy:
-connect-src *; script-src 'self' 'unsafe-inline';
--->
-
-</head>
-<p>This test loads a worker, which is delivered with its own
- policy. The worker should be blocked from making an XHR
- as that policy specifies a connect-src 'none', though
- this resource's policy is connect-src *. No report
- should be sent since the worker's policy doesn't specify
- a report-uri.</p>
-<body>
- <script>
- try {
- var worker = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js');
- worker.onmessage = function(event) {
- alert_assert(event.data);
- };
- } catch (e) {
- alert_assert(e);
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/worker-connect-src-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-connect-src-blocked.sub.html.sub.headers
deleted file mode 100644
index e302aa8..0000000
--- a/content-security-policy/blink-contrib/worker-connect-src-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-connect-src-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src *; script-src 'self' 'unsafe-inline'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-eval-blocked.sub.html b/content-security-policy/blink-contrib/worker-eval-blocked.sub.html
deleted file mode 100644
index ac96e0f..0000000
--- a/content-security-policy/blink-contrib/worker-eval-blocked.sub.html
+++ /dev/null
@@ -1,37 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>worker-eval-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["eval blocked"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'self'; connect-src 'self';
--->
-</head>
-
-<body>
- <p>This test loads a worker, delivered with its own policy.
- The eval() call in the worker should be forbidden by that
- policy. No report should be generated because the worker
- policy does not set a report-uri (although this parent
- resource does).</p>
- <script>
- try {
- var worker = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/worker-eval.js');
- worker.onmessage = function(event) {
- alert_assert(event.data);
- };
- } catch (e) {
- alert_assert(e);
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/worker-eval-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-eval-blocked.sub.html.sub.headers
deleted file mode 100644
index 8964f80..0000000
--- a/content-security-policy/blink-contrib/worker-eval-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-eval-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-from-guid.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-from-guid.sub.html.sub.headers
deleted file mode 100644
index d94d31a..0000000
--- a/content-security-policy/blink-contrib/worker-from-guid.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-from-guid={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: connect-src 'self'; script-src 'self' 'unsafe-inline' blob:; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-function-function-blocked.sub.html b/content-security-policy/blink-contrib/worker-function-function-blocked.sub.html
deleted file mode 100644
index 1db5747..0000000
--- a/content-security-policy/blink-contrib/worker-function-function-blocked.sub.html
+++ /dev/null
@@ -1,38 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>worker-function-function-blocked</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["Function() function blocked"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'self' 'unsafe-inline'; connect-src 'self';
--->
-
-</head>
-
-<body>
- <p>This test loads a worker, delivered with its own policy.
- The Function constructor should be forbidden by that
- policy. No report should be generated because the worker
- policy does not set a report-uri (although this parent
- resource does).</p>
- <script>
- try {
- var worker = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/worker-function-function.js');
- worker.onmessage = function(event) {
- alert_assert(event.data);
- };
- } catch (e) {
- alert_assert(e);
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/worker-function-function-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-function-function-blocked.sub.html.sub.headers
deleted file mode 100644
index b012518..0000000
--- a/content-security-policy/blink-contrib/worker-function-function-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-function-function-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-importscripts-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-importscripts-blocked.sub.html.sub.headers
deleted file mode 100644
index 04de51d..0000000
--- a/content-security-policy/blink-contrib/worker-importscripts-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-importscripts-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-script-src.sub.html b/content-security-policy/blink-contrib/worker-script-src.sub.html
deleted file mode 100644
index 9caf772..0000000
--- a/content-security-policy/blink-contrib/worker-script-src.sub.html
+++ /dev/null
@@ -1,33 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
- <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <title>worker-script-src</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
-
-</head>
-
-<body>
- <script>
- try {
- var foo = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/post-message.js');
- foo.onmessage = function(event) {
- alert_assert("PASS");
- };
- } catch (e) {
- alert_assert(e);
- }
-
- </script>
- <div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
-</body>
-
-</html>
diff --git a/content-security-policy/blink-contrib/worker-script-src.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-script-src.sub.html.sub.headers
deleted file mode 100644
index 76e5a3b..0000000
--- a/content-security-policy/blink-contrib/worker-script-src.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-script-src={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/worker-set-timeout-blocked.sub.html.sub.headers b/content-security-policy/blink-contrib/worker-set-timeout-blocked.sub.html.sub.headers
deleted file mode 100644
index fb6b3d0..0000000
--- a/content-security-policy/blink-contrib/worker-set-timeout-blocked.sub.html.sub.headers
+++ /dev/null
@@ -1,6 +0,0 @@
-Expires: Mon, 26 Jul 1997 05:00:00 GMT
-Cache-Control: no-store, no-cache, must-revalidate
-Cache-Control: post-check=0, pre-check=0, false
-Pragma: no-cache
-Set-Cookie: worker-set-timeout-blocked={{$id:uuid()}}; Path=/content-security-policy/blink-contrib
-Content-Security-Policy: script-src 'self' 'unsafe-inline' 'self' 'unsafe-eval'; connect-src 'self'; report-uri /content-security-policy/support/report.py?op=put&reportID={{$id}}
diff --git a/content-security-policy/blink-contrib/blob-urls-do-not-match-self.sub.html b/content-security-policy/blob/blob-urls-do-not-match-self.sub.html
similarity index 67%
rename from content-security-policy/blink-contrib/blob-urls-do-not-match-self.sub.html
rename to content-security-policy/blob/blob-urls-do-not-match-self.sub.html
index 912a29e..1bf96df 100644
--- a/content-security-policy/blink-contrib/blob-urls-do-not-match-self.sub.html
+++ b/content-security-policy/blob/blob-urls-do-not-match-self.sub.html
@@ -3,14 +3,12 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self'; child-src 'self';">
<title>blob-urls-do-not-match-self</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline'; connect-src 'self'; child-src 'self';
--->
+ <script src='../support/logTest.sub.js?logs=["violated-directive=script-src"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
</head>
<body>
@@ -18,6 +16,9 @@
blob: URLs are same-origin with the page in which they were created, but explicitly do not match the 'self' or '*' source in CSP directives because they are more akin to 'unsafe-inline' content.
</p>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
function fail() {
alert_assert("FAIL!");
}
@@ -30,7 +31,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=script-src%20'self'%20'unsafe-inline'%20''"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/blob-urls-match-blob.sub.html b/content-security-policy/blob/blob-urls-match-blob.sub.html
similarity index 80%
rename from content-security-policy/blink-contrib/blob-urls-match-blob.sub.html
rename to content-security-policy/blob/blob-urls-match-blob.sub.html
index 819c1a6..41b06b3 100644
--- a/content-security-policy/blink-contrib/blob-urls-match-blob.sub.html
+++ b/content-security-policy/blob/blob-urls-match-blob.sub.html
@@ -3,14 +3,12 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' blob:; connect-src 'self';">
<title>blob-urls-match-blob</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS (1/1)"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' blob:; connect-src 'self';
--->
</head>
<body>
@@ -18,6 +16,10 @@
blob: URLs are same-origin with the page in which they were created, but match only if the blob: scheme is specified.
</p>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("FAIL");
+ });
+
function pass() {
log("PASS (1/1)");
}
@@ -30,7 +32,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/connect-src-beacon-allowed.sub.html b/content-security-policy/connect-src/connect-src-beacon-allowed.sub.html
similarity index 73%
rename from content-security-policy/blink-contrib/connect-src-beacon-allowed.sub.html
rename to content-security-policy/connect-src/connect-src-beacon-allowed.sub.html
index 2beb00d..a60c120 100644
--- a/content-security-policy/blink-contrib/connect-src-beacon-allowed.sub.html
+++ b/content-security-policy/connect-src/connect-src-beacon-allowed.sub.html
@@ -3,6 +3,7 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';">
<title>connect-src-beacon-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
@@ -15,25 +16,23 @@
<body>
<script>
- if (typeof navigator.sendBeacon != 'function') {
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("FAIL");
+ });
+
+ if (typeof navigator.sendBeacon != 'function') {
t_log.set_status(t_log.NOTRUN, "No navigator.sendBeacon, cannot run test.");
t_log.phase = t_log.phases.HAS_RESULT;
t_log.done();
+ log("Pass");
} else {
- try {
+ try {
var es = navigator.sendBeacon("http://{{host}}:{{ports[http][0]}}/cors/resources/status.py");
log("Pass");
} catch (e) {
log("Fail");
}
- var report = document.createElement("script");
- report.src = "../support/checkReport.sub.js?reportExists=false";
- report.async = true;
- report.defer = true;
- document.body.appendChild(report);
-
- }
-
+ }
</script>
<div id="log"></div>
</body>
diff --git a/content-security-policy/connect-src/connect-src-beacon-blocked.sub.html b/content-security-policy/connect-src/connect-src-beacon-blocked.sub.html
index c7f7e38..b4e4e54 100644
--- a/content-security-policy/connect-src/connect-src-beacon-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-beacon-blocked.sub.html
@@ -1,27 +1,40 @@
<!DOCTYPE html>
-<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script>
- async_test(t => {
- document.addEventListener("securitypolicyviolation", t.step_func_done(e => {
- if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt")
- return;
+<html>
- assert_equals(e.violatedDirective, "connect-src");
- }));
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline';">
+ <title>connect-src-beacon-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["Pass", "violated-directive=connect-src"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+ <!-- enforcing policy:
+connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';
+-->
+</head>
- assert_true(navigator.sendBeacon("http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt"));
- }, "sendBeacon should not throw.");
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
+ if (typeof navigator.sendBeacon != 'function') {
+ t_log.set_status(t_log.NOTRUN, "No navigator.sendBeacon, cannot run test.");
+ t_log.phase = t_log.phases.HAS_RESULT;
+ t_log.done();
+ log("Pass");
+ } else {
+ try {
+ var es = navigator.sendBeacon("http://www1.{{host}}:{{ports[http][0]}}/security/contentSecurityPolicy/echo-report.php");
+ log("Pass");
+ } catch (e) {
+ log("Fail");
+ }
+ }
+ </script>
+ <div id="log"></div>
+</body>
- async_test(t => {
- document.addEventListener("securitypolicyviolation", t.step_func_done(e => {
- if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt")
- return;
-
- assert_equals(e.violatedDirective, "connect-src");
- }));
-
- assert_true(navigator.sendBeacon("common/redirect-opt-in.py?status=307&location=http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt"));
- }, "redirect case");
-</script>
+</html>
diff --git a/content-security-policy/blink-contrib/connect-src-beacon-redirect-to-blocked.sub.html b/content-security-policy/connect-src/connect-src-beacon-redirect-to-blocked.sub.html
similarity index 65%
rename from content-security-policy/blink-contrib/connect-src-beacon-redirect-to-blocked.sub.html
rename to content-security-policy/connect-src/connect-src-beacon-redirect-to-blocked.sub.html
index 3d03100..e2ce20b 100644
--- a/content-security-policy/blink-contrib/connect-src-beacon-redirect-to-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-beacon-redirect-to-blocked.sub.html
@@ -3,14 +3,12 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline';">
<title>connect-src-beacon-redirect-to-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=connect-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self'; script-src 'self' 'unsafe-inline';
--->
<script></script>
</head>
@@ -18,8 +16,12 @@
<p>The beacon should not follow the redirect to http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.png and send a CSP violation report.</p>
<p>Verify that a CSP connect-src directive blocks redirects.</p>
<script>
- if (typeof navigator.sendBeacon != 'function') {
- var t = async_test();
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
+ if (typeof navigator.sendBeacon != 'function') {
+ var t = async_test();
t.set_status(t.NOTRUN, "No navigator.sendBeacon, cannot run test.");
t.phase = t.phases.HAS_RESULT;
t.done();
@@ -27,13 +29,7 @@
navigator.sendBeacon(
"/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.png",
"ping");
- var report = document.createElement("script");
- report.src = "../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'";
- report.async = true;
- report.defer = true;
- document.body.appendChild(report);
}
-
</script>
<div id="log"></div>
</body>
diff --git a/content-security-policy/blink-contrib/connect-src-eventsource-allowed.sub.html b/content-security-policy/connect-src/connect-src-eventsource-allowed.sub.html
similarity index 74%
rename from content-security-policy/blink-contrib/connect-src-eventsource-allowed.sub.html
rename to content-security-policy/connect-src/connect-src-eventsource-allowed.sub.html
index b3a65f1..247689c 100644
--- a/content-security-policy/blink-contrib/connect-src-eventsource-allowed.sub.html
+++ b/content-security-policy/connect-src/connect-src-eventsource-allowed.sub.html
@@ -3,18 +3,20 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';">
<title>connect-src-eventsource-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["Pass"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("FAIL");
+ });
+
try {
var es = new EventSource("http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/simple-event-stream");
log("Pass");
@@ -24,7 +26,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html b/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html
index 4e74f05..35ee3a8 100644
--- a/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html
@@ -1,61 +1,39 @@
<!DOCTYPE html>
-<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script>
- async_test(t => {
- var errorEvent = false;
- var cspEvent = false;
+<html>
- var es = new EventSource("http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt");
- es.onerror = t.step_func(e => {
- assert_equals(es.readyState, EventSource.CLOSED);
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline';">
+ <title>connect-src-eventsource-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["Pass","violated-directive=connect-src"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+</head>
- assert_false(errorEvent);
- errorEvent = true;
- if (cspEvent)
- t.done();
- });
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
+ try {
+ var es = new EventSource("http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/simple-event-stream");
+ // Firefox doesn't throw an exception and takes some time to close async
+ if (es.readyState == EventSource.CONNECTING) {
+ setTimeout( function() {
+ es.readyState != EventSource.CLOSED ? log("Fail") : log("Pass");
+ }, 2);
+ } else if (es.readyState == EventSource.CLOSED) {
+ log("Pass");
+ } else {
+ log("Fail");
+ }
+ } catch (e) {
+ log("Pass");
+ }
+ </script>
+ <div id="log"></div>
+</body>
- document.addEventListener("securitypolicyviolation", t.step_func(e => {
- if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt")
- return;
-
- assert_equals(es.readyState, EventSource.CLOSED);
- assert_equals(e.violatedDirective, "connect-src");
-
- assert_false(cspEvent);
- cspEvent = true;
- if (errorEvent)
- t.done();
- }));
- }, "EventSource should fire onerror.");
-
- async_test(t => {
- var errorEvent = false;
- var cspEvent = false;
-
- var es = new EventSource("http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt");
- es.onerror = t.step_func(e => {
- assert_equals(es.readyState, EventSource.CLOSED);
-
- assert_false(errorEvent);
- errorEvent = true;
- if (cspEvent)
- t.done();
- });
-
- document.addEventListener("securitypolicyviolation", t.step_func(e => {
- if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt")
- return;
-
- assert_equals(es.readyState, EventSource.CLOSED);
- assert_equals(e.violatedDirective, "connect-src");
-
- assert_false(cspEvent);
- cspEvent = true;
- if (errorEvent)
- t.done();
- }));
- }, "EventSource should fire onerror.");
-
+</html>
diff --git a/content-security-policy/blink-contrib/connect-src-eventsource-redirect-to-blocked.sub.html b/content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html
similarity index 72%
rename from content-security-policy/blink-contrib/connect-src-eventsource-redirect-to-blocked.sub.html
rename to content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html
index a3ba4ba..92960a9 100644
--- a/content-security-policy/blink-contrib/connect-src-eventsource-redirect-to-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html
@@ -3,19 +3,21 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self' http://{{host}}:{{ports[http][0]}}/security/contentSecurityPolicy/resources/redir.php; script-src 'self' 'unsafe-inline';">
<title>connect-src-eventsource-redirect-to-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS EventSource() did not follow the disallowed redirect.","TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS EventSource() did not follow the disallowed redirect.","TEST COMPLETE", "violated-directive=connect-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self'; script-src 'self' 'unsafe-inline';
--->
<script></script>
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
var es;
try {
es = new EventSource("/common/redirect.py?location= http://www.{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/simple-event-stream");
@@ -33,7 +35,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'/security/contentSecurityPolicy/resources/redir.php"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/connect-src-websocket-allowed.sub.html b/content-security-policy/connect-src/connect-src-websocket-allowed.sub.html
similarity index 72%
rename from content-security-policy/blink-contrib/connect-src-websocket-allowed.sub.html
rename to content-security-policy/connect-src/connect-src-websocket-allowed.sub.html
index 4e8499b..6216444 100644
--- a/content-security-policy/blink-contrib/connect-src-websocket-allowed.sub.html
+++ b/content-security-policy/connect-src/connect-src-websocket-allowed.sub.html
@@ -3,18 +3,20 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self' ws://127.0.0.1:8880; script-src 'self' 'unsafe-inline';">
<title>connect-src-websocket-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["Pass"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self' ws://127.0.0.1:8880; script-src 'self' 'unsafe-inline';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
try {
var ws = new WebSocket("ws://127.0.0.1:8880/echo");
log("Pass");
@@ -24,7 +26,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html b/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html
index cb8e0ec..249c7a3 100644
--- a/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html
@@ -1,34 +1,31 @@
<!DOCTYPE html>
-<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script>
- async_test(t => {
- var errorEvent = false;
- var cspEvent = false;
+<html>
- var ws = new WebSocket("ws://{{domains[www]}}:{{ports[ws][0]}}/echo");
- ws.onopen = t.unreached_func("open should not fire.");
- ws.onerror = t.step_func(e => {
- assert_equals(ws.readyState, WebSocket.CLOSED);
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self' ws://127.0.0.1:8880; script-src 'self' 'unsafe-inline';">
+ <title>connect-src-websocket-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["Pass","violated-directive=connect-src"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+</head>
- assert_false(errorEvent);
- errorEvent = true;
- if (cspEvent)
- t.done();
- });
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
- document.addEventListener("securitypolicyviolation", t.step_func(e => {
- if (e.blockedURI != "ws://{{domains[www]}}:{{ports[ws][0]}}")
- return;
+ try {
+ var ws = new WebSocket("ws://localhost:8880/echo");
+ log("Fail");
+ } catch (e) {
+ log("Pass");
+ }
- assert_equals(ws.readyState, WebSocket.CLOSED);
- assert_equals(e.violatedDirective, "connect-src");
+ </script>
+ <div id="log"></div>
+</body>
- assert_false(cspEvent);
- cspEvent = true;
- if (errorEvent)
- t.done();
- }));
- }, "WebSocket should fire error event.");
-</script>
+</html>
diff --git a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-allowed.sub.html b/content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html
similarity index 74%
rename from content-security-policy/blink-contrib/connect-src-xmlhttprequest-allowed.sub.html
rename to content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html
index a2ad121..bde5eee 100644
--- a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-allowed.sub.html
+++ b/content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html
@@ -3,18 +3,20 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';">
<title>connect-src-xmlhttprequest-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["Pass"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
try {
var xhr = new XMLHttpRequest;
xhr.open("GET", "http://{{host}}:{{ports[http][0]}}/xmlhttprequest/resources/get.txt", true);
@@ -25,7 +27,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html b/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html
index 3e8f66c..f421590 100644
--- a/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html
@@ -1,69 +1,38 @@
<!DOCTYPE html>
-<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script>
- async_test(t => {
- var errorEvent = false;
- var cspEvent = false;
+<html>
- var xhr = new XMLHttpRequest;
- xhr.open("GET", "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt");
- xhr.onload = t.unreached_func("Load should not fire.");
- xhr.onerror = t.step_func(e => {
- assert_equals(xhr.readyState, XMLHttpRequest.DONE);
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline';">
+ <title>connect-src-xmlhttprequest-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["Pass","violated-directive=connect-src"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+</head>
- assert_false(errorEvent);
- errorEvent = true;
- if (cspEvent)
- t.done();
- });
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
- document.addEventListener("securitypolicyviolation", t.step_func(e => {
- if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt")
- return;
+ try {
+ var xhr = new XMLHttpRequest;
+ xhr.open("GET", "http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.png", true);
+ xhr.send();
+ xhr.onload = function() {
+ log("Fail");
+ }
+ xhr.onerror = function() {
+ log("Pass");
+ }
+ } catch (e) {
+ log("Pass");
+ }
- assert_equals(xhr.readyState, XMLHttpRequest.DONE);
- assert_equals(e.violatedDirective, "connect-src");
+ </script>
+ <div id="log"></div>
+</body>
- assert_false(cspEvent);
- cspEvent = true;
- if (errorEvent)
- t.done();
- }));
-
- xhr.send();
- }, "XHR should fire onerror.");
-
- async_test(t => {
- var errorEvent = false;
- var cspEvent = false;
-
- var xhr = new XMLHttpRequest;
- xhr.open("GET", "/common/redirect-opt-in.py?status=307&location=http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt");
- xhr.onload = t.unreached_func("Load should not fire.");
- xhr.onerror = t.step_func(e => {
- assert_equals(xhr.readyState, XMLHttpRequest.DONE);
-
- assert_false(errorEvent);
- errorEvent = true;
- if (cspEvent)
- t.done();
- });
-
- document.addEventListener("securitypolicyviolation", t.step_func(e => {
- if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}")
- return;
-
- assert_equals(xhr.readyState, XMLHttpRequest.DONE);
- assert_equals(e.violatedDirective, "connect-src");
-
- assert_false(cspEvent);
- cspEvent = true;
- if (errorEvent)
- t.done();
- }));
-
- xhr.send();
- }, "XHR should fire onerror after a redirect.");
-</script>
+</html>
diff --git a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-redirect-to-blocked.sub.html b/content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html
similarity index 82%
rename from content-security-policy/blink-contrib/connect-src-xmlhttprequest-redirect-to-blocked.sub.html
rename to content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html
index 6fc0769..429e463 100644
--- a/content-security-policy/blink-contrib/connect-src-xmlhttprequest-redirect-to-blocked.sub.html
+++ b/content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html
@@ -3,19 +3,21 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline';">
<title>connect-src-xmlhttprequest-redirect-to-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS XMLHttpRequest.send() did not follow the disallowed redirect.","TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS XMLHttpRequest.send() did not follow the disallowed redirect.","TEST COMPLETE","violated-directive=connect-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-connect-src 'self'; script-src 'self' 'unsafe-inline';
--->
<script id="inject_here"></script>
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
var xhr = new XMLHttpRequest;
try {
xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true);
@@ -39,7 +41,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'/security/contentSecurityPolicy/resources/redir.php"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js b/content-security-policy/connect-src/support/worker-make-xhr-blocked.sub.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js
rename to content-security-policy/connect-src/support/worker-make-xhr-blocked.sub.js
diff --git a/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers b/content-security-policy/connect-src/support/worker-make-xhr-blocked.sub.js.sub.headers
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers
rename to content-security-policy/connect-src/support/worker-make-xhr-blocked.sub.js.sub.headers
diff --git a/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js b/content-security-policy/connect-src/support/worker-make-xhr.sub.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js
rename to content-security-policy/connect-src/support/worker-make-xhr.sub.js
diff --git a/content-security-policy/connect-src/worker-connect-src-allowed.sub.html b/content-security-policy/connect-src/worker-connect-src-allowed.sub.html
new file mode 100644
index 0000000..5a5e29f
--- /dev/null
+++ b/content-security-policy/connect-src/worker-connect-src-allowed.sub.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline';">
+ <title>worker-connect-src-allowed</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["xhr allowed"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+
+</head>
+
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
+
+ try {
+ var worker = new Worker('/content-security-policy/connect-src/support/worker-make-xhr.sub.js');
+ worker.onmessage = function(event) {
+ log(event.data);
+ };
+ } catch (e) {
+ log(e);
+ }
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/connect-src/worker-connect-src-blocked.sub.html b/content-security-policy/connect-src/worker-connect-src-blocked.sub.html
new file mode 100644
index 0000000..a0ff32b
--- /dev/null
+++ b/content-security-policy/connect-src/worker-connect-src-blocked.sub.html
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src *; script-src 'self' 'unsafe-inline';">
+ <title>worker-connect-src-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["xhr blocked","TEST COMPLETE"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+<p>This test loads a worker, which is delivered with its own
+ policy. The worker should be blocked from making an XHR
+ as that policy specifies a connect-src 'none', though
+ this resource's policy is connect-src *. No report
+ should be sent since the worker's policy doesn't specify
+ a report-uri.</p>
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
+
+ try {
+ var worker = new Worker('/content-security-policy/connect-src/support/worker-make-xhr-blocked.sub.js');
+ worker.onmessage = function(event) {
+ log(event.data);
+ };
+ } catch (e) {
+ log(e);
+ }
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/worker-from-guid.sub.html b/content-security-policy/connect-src/worker-from-guid.sub.html
similarity index 75%
rename from content-security-policy/blink-contrib/worker-from-guid.sub.html
rename to content-security-policy/connect-src/worker-from-guid.sub.html
index b290b82..6f74e4f 100644
--- a/content-security-policy/blink-contrib/worker-from-guid.sub.html
+++ b/content-security-policy/connect-src/worker-from-guid.sub.html
@@ -3,15 +3,12 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="connect-src 'self'; script-src 'self' 'unsafe-inline' blob:;">
<title>worker-connect-src-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src='../support/alertAssert.sub.js?alerts=["xhr blocked","TEST COMPLETE"]'></script>
- <!-- enforcing policy:
-connect-src 'self'; script-src 'self' 'unsafe-inline' blob:;
--->
-
+ <script src='../support/logTest.sub.js?logs=["violated-directive=connect-src","xhr blocked","TEST COMPLETE"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
</head>
<p>This test loads a worker, from a guid.
The worker should be blocked from making an XHR
@@ -21,6 +18,9 @@
with this resource.</p>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
try {
var blob = new Blob([
"var xhr = new XMLHttpRequest;" +
@@ -39,7 +39,7 @@
"try { " +
" xhr.open(" +
" 'GET'," +
- " 'http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis'," +
+ " 'http:///content-security-policy/support/fail.asis'," +
" true" +
" );" +
" xhr.send();" +
@@ -51,15 +51,14 @@
var url = URL.createObjectURL(blob);
var worker = new Worker(url);
worker.onmessage = function(event) {
- alert_assert(event.data);
+ log(event.data);
};
} catch (e) {
- alert_assert(e);
+ log(e);
}
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/default-src-inline-allowed.sub.html b/content-security-policy/default-src/default-src-inline-allowed.sub.html
similarity index 65%
rename from content-security-policy/blink-contrib/default-src-inline-allowed.sub.html
rename to content-security-policy/default-src/default-src-inline-allowed.sub.html
index f585908..8f9bd81 100644
--- a/content-security-policy/blink-contrib/default-src-inline-allowed.sub.html
+++ b/content-security-policy/default-src/default-src-inline-allowed.sub.html
@@ -3,14 +3,17 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("FAIL");
+ });
+ </script>
+ <meta http-equiv="Content-Security-Policy" content="default-src 'self' about: 'unsafe-inline'; connect-src 'self';">
<title>default-src-inline-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="../support/logTest.sub.js?logs=[]"></script>
<script src='../support/alertAssert.sub.js?alerts=["PASS 1 of 2","PASS 2 of 2"]'></script>
- <!-- enforcing policy:
-default-src 'self' about: 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
</head>
<body onload="alert_assert('PASS 2 of 2')">
@@ -18,9 +21,8 @@
alert_assert('PASS 1 of 2');
</script>
- <!--iframe src="javascript:alert_assert('PASS 2 of 3')"></iframe-->
+ <!--iframe src="javascript:alert_assert('Fail')"></iframe-->
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/default-src/default-src-inline-blocked.sub.html b/content-security-policy/default-src/default-src-inline-blocked.sub.html
new file mode 100644
index 0000000..8687355
--- /dev/null
+++ b/content-security-policy/default-src/default-src-inline-blocked.sub.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+ </script>
+ <meta http-equiv="Content-Security-Policy" content="default-src 'self'; connect-src 'self';">
+ <title>default-src-inline-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=script-src","violated-directive=script-src"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <p>This test passes if the inline scripts don't create failing tests and a CSP report is sent.</p>
+ <script>
+ test(function() {
+ assert_unreached('FAIL inline script ran')
+ });
+
+ </script>
+ <script src="../support/document-write-alert-fail.js"></script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib-2/form-action-src-allowed.sub.html b/content-security-policy/form-action/form-action-src-allowed.sub.html
similarity index 77%
rename from content-security-policy/blink-contrib-2/form-action-src-allowed.sub.html
rename to content-security-policy/form-action/form-action-src-allowed.sub.html
index 19cf681..418d6f5 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-allowed.sub.html
+++ b/content-security-policy/form-action/form-action-src-allowed.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>form-action-src-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
window.addEventListener("message", function(event) {
log(event.data);
}, false);
@@ -28,13 +29,12 @@
<body>
<iframe name="test_target" id="test_iframe"></iframe>
- <form action="/common/redirect.py?location=/content-security-policy/blink-contrib/resources/postmessage-pass.html" id="theform" method="post" target="test_target">
+ <form action="/common/redirect.py?location=/content-security-policy/support/postmessage-pass.html" id="theform" method="post" target="test_target">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that allowed form actions work correctly.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib-2/form-action-src-blocked.sub.html b/content-security-policy/form-action/form-action-src-blocked.sub.html
similarity index 70%
rename from content-security-policy/blink-contrib-2/form-action-src-blocked.sub.html
rename to content-security-policy/form-action/form-action-src-blocked.sub.html
index 0960a8a..a113d9a 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-blocked.sub.html
+++ b/content-security-policy/form-action/form-action-src-blocked.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="form-action 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>form-action-src-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=form-action","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-form-action 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('violated-directive=' + e.violatedDirective);
+ });
window.addEventListener("message", function(event) {
alert_assert(event.data);
}, false);
@@ -27,13 +28,12 @@
<body>
<iframe name="test_target" id="test_iframe"></iframe>
- <form action="/common/redirect.py?location=/content-security-policy/blink-contrib/resources/postmessage-fail.html" id="theform" method="post" target="test_target">
+ <form action="/common/redirect.py?location=/content-security-policy/support/postmessage-fail.html" id="theform" method="post" target="test_target">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that blocking form actions works correctly.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=form-action%20'none'"></script>
</body>
diff --git a/content-security-policy/blink-contrib-2/form-action-src-default-ignored.sub.html b/content-security-policy/form-action/form-action-src-default-ignored.sub.html
similarity index 76%
rename from content-security-policy/blink-contrib-2/form-action-src-default-ignored.sub.html
rename to content-security-policy/form-action/form-action-src-default-ignored.sub.html
index 32823d6..58db5bf 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-default-ignored.sub.html
+++ b/content-security-policy/form-action/form-action-src-default-ignored.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; style-src 'self'; frame-src 'self';">
<title>form-action-src-default-ignored</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self'; frame-src 'self';
--->
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
window.addEventListener("message", function(event) {
log(event.data);
}, false);
@@ -28,13 +29,12 @@
<body>
<iframe name="test_target" id="test_iframe"></iframe>
- <form action="/common/redirect.py?location=/content-security-policy/blink-contrib/resources/postmessage-pass.html" id="theform" method="post" target="test_target">
+ <form action="/common/redirect.py?location=/content-security-policy/support/postmessage-pass.html" id="theform" method="post" target="test_target">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that default-src does not cascade to form-action.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib-2/form-action-src-get-allowed.sub.html b/content-security-policy/form-action/form-action-src-get-allowed.sub.html
similarity index 73%
rename from content-security-policy/blink-contrib-2/form-action-src-get-allowed.sub.html
rename to content-security-policy/form-action/form-action-src-get-allowed.sub.html
index a7d3e58..1dd7fbc 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-get-allowed.sub.html
+++ b/content-security-policy/form-action/form-action-src-get-allowed.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>form-action-src-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
window.addEventListener("message", function(event) {
log(event.data);
}, false);
@@ -28,15 +29,13 @@
<body>
<iframe name="test_target" id="test_iframe"></iframe>
- <form action="/common/redirect.py" id="theform" method="get" target="test_target">
- <input type="text" name="location" value="/content-security-policy/blink-contrib/resources/postmessage-pass.html">
+ <form action="/content-security-policy/support/postmessage-pass.html" id="theform" method="get" target="test_target">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that allowed form actions work correctly
with GET and a redirect.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
\ No newline at end of file
diff --git a/content-security-policy/blink-contrib-2/form-action-src-get-blocked.sub.html b/content-security-policy/form-action/form-action-src-get-blocked.sub.html
similarity index 67%
rename from content-security-policy/blink-contrib-2/form-action-src-get-blocked.sub.html
rename to content-security-policy/form-action/form-action-src-get-blocked.sub.html
index 0910eb4..638badc 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-get-blocked.sub.html
+++ b/content-security-policy/form-action/form-action-src-get-blocked.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="form-action 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>form-action-src-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=form-action","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-form-action 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('violated-directive=' + e.violatedDirective);
+ });
window.addEventListener("message", function(event) {
alert_assert(event.data);
}, false);
@@ -28,15 +29,13 @@
<body>
<iframe name="test_target" id="test_iframe"></iframe>
- <form action="/common/redirect.py" id="theform" method="get" target="test_target">
- <input type="text" name="location" value="/content-security-policy/blink-contrib/resources/postmessage-fail.html">
+ <form action="/common/redirect.py?location=/content-security-policy/support/postmessage-fail.html" id="theform" method="get" target="test_target">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that disallowed form actions are blocked
with GET and redirects.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=form-action%20'none'
"></script>
</body>
diff --git a/content-security-policy/blink-contrib-2/form-action-src-javascript-blocked.sub.html b/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html
similarity index 67%
rename from content-security-policy/blink-contrib-2/form-action-src-javascript-blocked.sub.html
rename to content-security-policy/form-action/form-action-src-javascript-blocked.sub.html
index c362ea6..6997ef6 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-javascript-blocked.sub.html
+++ b/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="form-action 'none'; script-src 'self' 'nonce-noncynonce'; connect-src 'self';">
<title>form-action-src-javascript-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=form-action","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-form-action 'none'; script-src 'self' 'nonce-noncynonce'; connect-src 'self';
--->
<script nonce='noncynonce'>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('violated-directive=' + e.violatedDirective);
+ });
window.addEventListener('load', function() {
setTimeout(function() {
document.getElementById('submit').click();
@@ -22,13 +23,12 @@
</head>
<body>
- <form action="javascript:alert_assert("FAIL!")" id="theform" method="post">
+ <form action="javascript:log("FAIL!")" id="theform" method="post">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that blocking form actions works correctly. If this test passes, a CSP violation will be generated, and will not see a JavaScript alert.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true"></script>
</body>
</html>
diff --git a/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.sub.headers b/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.sub.headers
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.sub.headers
diff --git a/content-security-policy/blink-contrib-2/form-action-src-redirect-blocked.sub.html b/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html
similarity index 70%
rename from content-security-policy/blink-contrib-2/form-action-src-redirect-blocked.sub.html
rename to content-security-policy/form-action/form-action-src-redirect-blocked.sub.html
index e311817..86dfe7a 100644
--- a/content-security-policy/blink-contrib-2/form-action-src-redirect-blocked.sub.html
+++ b/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html
@@ -3,15 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>form-action-src-redirect-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=form-action","TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-form-action 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('violated-directive=' + e.violatedDirective);
+ });
window.addEventListener("message", function(event) {
alert_assert(event.data);
}, false);
@@ -29,13 +30,12 @@
<body>
<iframe name="test_target" id="test_iframe"></iframe>
- <form id="form1" action="/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/postmessage-fail.html" method="post" target="test_target">
+ <form id="form1" action="/common/redirect.py?location=http://{{domains[www1]}}:{{ports[http][0]}}/content-security-policy/support/postmessage-fail.html" method="post" target="test_target">
<input type="text" name="fieldname" value="fieldvalue">
<input type="submit" id="submit" value="submit">
</form>
<p>Tests that blocking a POST form with a redirect works correctly. If this test passes, a CSP violation will be generated.</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=form-action%20'self'"></script>
</body>
</html>
diff --git a/content-security-policy/frame-src/frame-src-about-blank-allowed-by-default.sub.html b/content-security-policy/frame-src/frame-src-about-blank-allowed-by-default.sub.html
new file mode 100644
index 0000000..8211d08
--- /dev/null
+++ b/content-security-policy/frame-src/frame-src-about-blank-allowed-by-default.sub.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="frame-src 'none'; object-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>frame-src-about-blank-allowed-by-default</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+
+ <p>These frames should not be blocked by Content-Security-Policy.
+ It's pointless to block about:blank iframes because
+ blocking a frame just results in displaying about:blank anyway!
+ </p>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+ </script>
+
+ <iframe src="about:blank"></iframe>
+ <object type="text/html" data="about:blank"></object>
+
+ <div id="log"></div>
+ <script>
+ log("PASS");
+ </script>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/content-security-policy/frame-src/frame-src-about-blank-allowed-by-scheme.sub.html b/content-security-policy/frame-src/frame-src-about-blank-allowed-by-scheme.sub.html
new file mode 100644
index 0000000..ffa8638
--- /dev/null
+++ b/content-security-policy/frame-src/frame-src-about-blank-allowed-by-scheme.sub.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="frame-src about:; script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>frame-src-about-blank-allowed-by-scheme</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+
+ <p>This frame should not be blocked by Content-Security-Policy.
+ </p>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+ </script>
+
+ <iframe src="about:blank"></iframe>
+ <div id="log"></div>
+ <script>
+ log("PASS");
+ </script>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/content-security-policy/blink-contrib/frame-src-allowed.sub.html b/content-security-policy/frame-src/frame-src-allowed.sub.html
similarity index 82%
rename from content-security-policy/blink-contrib/frame-src-allowed.sub.html
rename to content-security-policy/frame-src/frame-src-allowed.sub.html
index 1d34679..470850d 100644
--- a/content-security-policy/blink-contrib/frame-src-allowed.sub.html
+++ b/content-security-policy/frame-src/frame-src-allowed.sub.html
@@ -3,10 +3,15 @@
<head>
<title>frame-src-allowed</title>
+ <meta http-equiv="Content-Security-Policy" content="frame-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS IFrame %231 generated a load event."]'></script>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
window.addEventListener("message", function(event) {
alert_assert(event.data);
}, false);
@@ -36,9 +41,6 @@
}
</script>
- <!-- enforcing policy:
-Content-Security-Policy: frame-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<p>
This iframe should be allowed.
</p>
@@ -55,9 +57,8 @@
</head>
<body>
- <iframe src="/content-security-policy/blink-contrib/resources/postmessage-pass.html" onload="loadEvent()"></iframe>
+ <iframe src="/content-security-policy/support/postmessage-pass.html" onload="loadEvent()"></iframe>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/frame-src-blocked.sub.html b/content-security-policy/frame-src/frame-src-blocked.sub.html
similarity index 78%
rename from content-security-policy/blink-contrib/frame-src-blocked.sub.html
rename to content-security-policy/frame-src/frame-src-blocked.sub.html
index fe7555a..7dbe87b 100644
--- a/content-security-policy/blink-contrib/frame-src-blocked.sub.html
+++ b/content-security-policy/frame-src/frame-src-blocked.sub.html
@@ -3,11 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="frame-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>frame-src-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS IFrame %231 generated a load event."]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS IFrame %231 generated a load event.","violated-directive=frame-src"]'></script>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
window.addEventListener("message", function(event) {
alert_assert(event.data);
}, false);
@@ -34,9 +39,6 @@
}
</script>
- <!-- enforcing policy:
-frame-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<p>
IFrames blocked by CSP should generate a 'load', not 'error' event, regardless of blocked state. This means they appear to be normal cross-origin loads, thereby not leaking URL information directly to JS.
</p>
@@ -53,9 +55,8 @@
</head>
<body>
- <iframe src="/content-security-policy/blink-contrib/resources/postmessage-fail.html" onload="loadEvent()" onerror="log('FAIL')"></iframe>
+ <iframe src="/content-security-policy/support/postmessage-fail.html" onload="loadEvent()" onerror="log('FAIL')"></iframe>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=frame-src%20'none'"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/frame-src-cross-origin-load.sub.html b/content-security-policy/frame-src/frame-src-cross-origin-load.sub.html
similarity index 74%
rename from content-security-policy/blink-contrib/frame-src-cross-origin-load.sub.html
rename to content-security-policy/frame-src/frame-src-cross-origin-load.sub.html
index 5238e7c..341262d 100644
--- a/content-security-policy/blink-contrib/frame-src-cross-origin-load.sub.html
+++ b/content-security-policy/frame-src/frame-src-cross-origin-load.sub.html
@@ -3,11 +3,16 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="frame-src 'self' http://www1.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>frame-src-cross-origin-load</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS IFrame %231 generated a load event.","PASS IFrame %232 generated a load event.","PASS IFrame %233 generated a load event."]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS IFrame %231 generated a load event.","PASS IFrame %232 generated a load event.","PASS IFrame %233 generated a load event.","violated-directive=frame-src"]'></script>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
window.addEventListener("message", function(event) {
alert_assert(event.data);
}, false);
@@ -37,9 +42,7 @@
}
</script>
- <!-- enforcing policy:
-frame-src 'self' http://www1.{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
+
<p>
IFrames blocked by CSP should generate a 'load', not 'error' event, regardless of blocked state. This means they appear to be normal cross-origin loads, thereby not leaking URL information directly to JS.
</p>
@@ -56,11 +59,10 @@
</head>
<body>
- <iframe src="resources/postmessage-pass.html" onload="loadEvent()"></iframe>
- <iframe src="http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/postmessage-pass.html" onload="loadEvent()"></iframe>
- <iframe src="http://www2.{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/postmessage-fail.html" onload="loadEvent()" onerror="log('FAIL')"></iframe>
+ <iframe src="../support/postmessage-pass.html" onload="loadEvent()"></iframe>
+ <iframe src="http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/postmessage-pass.html" onload="loadEvent()"></iframe>
+ <iframe src="http://www2.{{host}}:{{ports[http][0]}}/content-security-policy/support/postmessage-fail.html" onload="loadEvent()" onerror="log('FAIL')"></iframe>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=frame-src%20'self'http://www1.{{host}}:{{ports[http][0]}}"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/duplicate-directive.sub.html b/content-security-policy/generic/duplicate-directive.sub.html
similarity index 71%
rename from content-security-policy/blink-contrib/duplicate-directive.sub.html
rename to content-security-policy/generic/duplicate-directive.sub.html
index 4336b72..7810533 100644
--- a/content-security-policy/blink-contrib/duplicate-directive.sub.html
+++ b/content-security-policy/generic/duplicate-directive.sub.html
@@ -3,18 +3,17 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-inline'; script-src 'none'; connect-src 'self';">
<title>duplicate-directive</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="../support/logTest.sub.js?logs=[]"></script>
<script src='../support/alertAssert.sub.js?alerts=["PASS (1/1)"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline'; script-src 'none'; connect-src 'self';
--->
-
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ alert_assert("FAIL");
+ });
alert_assert('PASS (1/1)');
-
</script>
</head>
@@ -23,7 +22,6 @@
This tests the effect of duplicated directives. It passes if the alert_assert() is executed.
</p>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/filesystem-urls-do-not-match-self.sub.html b/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html
similarity index 80%
rename from content-security-policy/blink-contrib/filesystem-urls-do-not-match-self.sub.html
rename to content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html
index f9e814a..401b65a 100644
--- a/content-security-policy/blink-contrib/filesystem-urls-do-not-match-self.sub.html
+++ b/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html
@@ -3,14 +3,12 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>filesystem-urls-do-not-match-self</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=script-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'self'; connect-src 'self';
--->
</head>
<body>
@@ -18,11 +16,16 @@
filesystem: URLs are same-origin with the page in which they were created, but explicitly do not match the 'self' or '*' source in CSP directives because they are more akin to 'unsafe-inline' content..
</p>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
if(!window.webkitRequestFileSystem) {
t_log = async_test();
t_log.set_status(t_log.NOTRUN, "No filesystem:// support, cannot run test.");
t_log.phase = t_log.phases.HAS_RESULT;
t_log.done();
+ log("violated-directive=script-src"); // simulate needed logs to pass test
} else {
function fail() {
alert_assert("FAIL!");
@@ -46,11 +49,6 @@
});
});
});
- var s = document.createElement('script');
- s.async = true;
- s.defer = true;
- s.src = "../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=script-src%20'self'%20'unsafe-inline'%20'*'"
- document.lastChild.appendChild(s);
}
diff --git a/content-security-policy/blink-contrib/filesystem-urls-match-filesystem.sub.html b/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html
similarity index 86%
rename from content-security-policy/blink-contrib/filesystem-urls-match-filesystem.sub.html
rename to content-security-policy/generic/filesystem-urls-match-filesystem.sub.html
index 99e8592..28cad3a 100644
--- a/content-security-policy/blink-contrib/filesystem-urls-match-filesystem.sub.html
+++ b/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html
@@ -3,14 +3,12 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' filesystem:; connect-src 'self';">
<title>filesystem-urls-match-filesystem</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS (1/1)"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline' 'self'; connect-src 'self';
--->
</head>
<body>
@@ -18,10 +16,15 @@
filesystem: URLs are same-origin with the page in which they were created, but explicitly do not match the 'self' or '*' source in CSP directives because they are more akin to 'unsafe-inline' content, but should match filesystem: source.
</p>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
if(!window.webkitRequestFileSystem) {
t_log.set_status(t_log.NOTRUN, "No filesystem:// support, cannot run test.");
t_log.phase = t_log.phases.HAS_RESULT;
t_log.done();
+ log("PASS (1/1)"); // simulate needed logs to pass test
} else {
function pass() {
log("PASS (1/1)");
@@ -45,11 +48,6 @@
});
});
});
- var s = document.createElement('script');
- s.async = true;
- s.defer = true;
- s.src = "../support/checkReport.sub.js?reportExists=false"
- document.lastChild.appendChild(s);
}
</script>
diff --git a/content-security-policy/generic/iframe-inside-csp.sub.html b/content-security-policy/generic/iframe-inside-csp.sub.html
new file mode 100644
index 0000000..cd402bd
--- /dev/null
+++ b/content-security-policy/generic/iframe-inside-csp.sub.html
@@ -0,0 +1,18 @@
+<html>
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'self'; connect-src 'self';">
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS (1/2): Script can execute","PASS (2/2): Eval works"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+<body>
+ <script>
+ window.onmessage = function(e) {
+ log(e.data);
+ }
+ </script>
+ <iframe src="support/sandboxed-eval.sub.html"></iframe>
+</body>
+</html>
\ No newline at end of file
diff --git a/content-security-policy/blink-contrib/iframe-inside-csp.sub.html.sub.headers b/content-security-policy/generic/iframe-inside-csp.sub.html.sub.headers
similarity index 100%
rename from content-security-policy/blink-contrib/iframe-inside-csp.sub.html.sub.headers
rename to content-security-policy/generic/iframe-inside-csp.sub.html.sub.headers
diff --git a/content-security-policy/generic/support/sandboxed-eval.sub.html b/content-security-policy/generic/support/sandboxed-eval.sub.html
new file mode 100644
index 0000000..9480e52
--- /dev/null
+++ b/content-security-policy/generic/support/sandboxed-eval.sub.html
@@ -0,0 +1,4 @@
+<script>
+ window.parent.postMessage('PASS (1/2): Script can execute', '*');
+ eval("window.parent.postMessage('PASS (2/2): Eval works', '*')");
+</script>
\ No newline at end of file
diff --git a/content-security-policy/generic/support/sandboxed-eval.sub.html.sub.headers b/content-security-policy/generic/support/sandboxed-eval.sub.html.sub.headers
new file mode 100644
index 0000000..c7e4e7c
--- /dev/null
+++ b/content-security-policy/generic/support/sandboxed-eval.sub.html.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: sandbox allow-scripts
\ No newline at end of file
diff --git a/content-security-policy/img-src/icon-allowed.sub.html b/content-security-policy/img-src/icon-allowed.sub.html
new file mode 100644
index 0000000..7358944
--- /dev/null
+++ b/content-security-policy/img-src/icon-allowed.sub.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta http-equiv="Content-Security-Policy" content="img-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <script src='/resources/testharness.js'></script>
+ <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+ <p>Use callbacks to show that favicons are loaded as allowed by CSP when link tags are dynamically added to the page.</p>
+ <script>
+ var t = async_test("Test that image loads");
+ window.addEventListener("securitypolicyviolation", t.unreached_func("Should not have triggered any violation events"));
+
+ function createLink(rel, src) {
+ var link = document.createElement('link');
+ link.rel = rel;
+ link.href = src;
+ link.onload = t.done();
+ link.onerror = t.unreached_func('The image should have loaded');
+ document.body.appendChild(link);
+ }
+ window.addEventListener('DOMContentLoaded', function() {
+ createLink('icon', '../support/pass.png');
+ });
+
+ </script>
+</body>
+</html>
diff --git a/content-security-policy/img-src/icon-blocked.sub.html b/content-security-policy/img-src/icon-blocked.sub.html
new file mode 100644
index 0000000..42500fc
--- /dev/null
+++ b/content-security-policy/img-src/icon-blocked.sub.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta http-equiv="Content-Security-Policy" content="img-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <script src='/resources/testharness.js'></script>
+ <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+<p>Use callbacks to show that favicons are not loaded in violation of CSP when link tags are dynamically added to the page.</p>
+ <script>
+ var t = async_test("Test that image does not load");
+ var t_spv = async_test("Test that spv event is fired");
+ window.addEventListener("securitypolicyviolation", t_spv.step_func_done(function(e) {
+ assert_equals(e.violatedDirective, 'img-src');
+ assert_true(e.blockedURI.endsWith('/support/fail.png'));
+ }));
+
+ function createLink(rel, src) {
+ var link = document.createElement('link');
+ link.rel = rel;
+ link.href = src;
+ link.onerror = t.done();
+ link.onload = t.unreached_func('The image should not have loaded');
+ document.head.appendChild(link);
+ }
+ window.addEventListener('DOMContentLoaded', function() {
+ createLink('icon', '../support/fail.png');
+ });
+
+ </script>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/combine-header-and-meta-policies.sub.html b/content-security-policy/meta/combine-header-and-meta-policies.sub.html
similarity index 86%
rename from content-security-policy/blink-contrib/combine-header-and-meta-policies.sub.html
rename to content-security-policy/meta/combine-header-and-meta-policies.sub.html
index 66b86f1..6e9e71d 100644
--- a/content-security-policy/blink-contrib/combine-header-and-meta-policies.sub.html
+++ b/content-security-policy/meta/combine-header-and-meta-policies.sub.html
@@ -7,7 +7,7 @@
<title>combine-header-and-meta-policies</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
+ <script src='../support/logTest.sub.js?logs=["TEST COMPLETE", "violated-directive=img-src", "violated-directive=style-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
<!-- enforcing multiple policies:
Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; style-src 'self'
@@ -20,6 +20,10 @@
style block from the header-supplied policy.</p>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
var img = document.createElement('img');
img.src = '../support/fail.png';
img.onerror = function() {
@@ -45,7 +49,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=style-src%20'self'"></script>
</body>
</html>
diff --git a/content-security-policy/meta/combine-header-and-meta-policies.sub.html.sub.headers b/content-security-policy/meta/combine-header-and-meta-policies.sub.html.sub.headers
new file mode 100644
index 0000000..062d823
--- /dev/null
+++ b/content-security-policy/meta/combine-header-and-meta-policies.sub.html.sub.headers
@@ -0,0 +1,5 @@
+Expires: Mon, 26 Jul 1997 05:00:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Cache-Control: post-check=0, pre-check=0, false
+Pragma: no-cache
+Content-Security-Policy: script-src 'self' 'unsafe-inline'; connect-src 'self'; style-src 'self';
diff --git a/content-security-policy/script-src/injected-inline-script-allowed.sub.html b/content-security-policy/script-src/injected-inline-script-allowed.sub.html
new file mode 100644
index 0000000..5a8cdec
--- /dev/null
+++ b/content-security-policy/script-src/injected-inline-script-allowed.sub.html
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self'">
+ <title>injected-inline-script-allowed</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["Pass 1 of 2","Pass 2 of 2"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+ </script>
+ <script src="support/inject-script.js"></script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/script-src/injected-inline-script-blocked.sub.html b/content-security-policy/script-src/injected-inline-script-blocked.sub.html
new file mode 100644
index 0000000..07e2ae2
--- /dev/null
+++ b/content-security-policy/script-src/injected-inline-script-blocked.sub.html
@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc'; connect-src 'self';">
+ <title>injected-inline-script-blocked</title>
+ <script nonce='abc' src="/resources/testharness.js"></script>
+ <script nonce='abc' src="/resources/testharnessreport.js"></script>
+ <script nonce='abc' src='../support/logTest.sub.js?logs=["violated-directive=script-src",]'></script>
+ <script nonce='abc' src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <script nonce='abc'>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+ </script>
+ <script src="support/inject-script.js"></script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/script-src/support/inject-script.js b/content-security-policy/script-src/support/inject-script.js
new file mode 100644
index 0000000..c04033c
--- /dev/null
+++ b/content-security-policy/script-src/support/inject-script.js
@@ -0,0 +1,5 @@
+document.write("<script>log('Pass 1 of 2');</script>");
+
+var s = document.createElement('script');
+s.textContent = "log('Pass 2 of 2');";
+document.body.appendChild(s);
diff --git a/content-security-policy/blink-contrib/resources/post-message.js b/content-security-policy/script-src/support/post-message.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/post-message.js
rename to content-security-policy/script-src/support/post-message.js
diff --git a/content-security-policy/blink-contrib/resources/worker-eval.js b/content-security-policy/script-src/support/worker-eval.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-eval.js
rename to content-security-policy/script-src/support/worker-eval.js
diff --git a/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers b/content-security-policy/script-src/support/worker-eval.js.sub.headers
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers
rename to content-security-policy/script-src/support/worker-eval.js.sub.headers
diff --git a/content-security-policy/blink-contrib/resources/worker-function-function.js b/content-security-policy/script-src/support/worker-function-function.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-function-function.js
rename to content-security-policy/script-src/support/worker-function-function.js
diff --git a/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers b/content-security-policy/script-src/support/worker-function-function.js.sub.headers
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers
rename to content-security-policy/script-src/support/worker-function-function.js.sub.headers
diff --git a/content-security-policy/blink-contrib/resources/worker-importscripts.js b/content-security-policy/script-src/support/worker-importscripts.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-importscripts.js
rename to content-security-policy/script-src/support/worker-importscripts.js
diff --git a/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers b/content-security-policy/script-src/support/worker-importscripts.js.sub.headers
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers
rename to content-security-policy/script-src/support/worker-importscripts.js.sub.headers
diff --git a/content-security-policy/blink-contrib/resources/worker-set-timeout.js b/content-security-policy/script-src/support/worker-set-timeout.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-set-timeout.js
rename to content-security-policy/script-src/support/worker-set-timeout.js
diff --git a/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers b/content-security-policy/script-src/support/worker-set-timeout.js.sub.headers
similarity index 100%
rename from content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers
rename to content-security-policy/script-src/support/worker-set-timeout.js.sub.headers
diff --git a/content-security-policy/script-src/worker-eval-blocked.sub.html b/content-security-policy/script-src/worker-eval-blocked.sub.html
new file mode 100644
index 0000000..9a264f2
--- /dev/null
+++ b/content-security-policy/script-src/worker-eval-blocked.sub.html
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>worker-eval-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["eval blocked"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <p>This test loads a worker, delivered with its own policy.
+ The eval() call in the worker should be forbidden by that
+ policy. No report should be generated because the worker
+ policy does not set a report-uri (although this parent
+ resource does).</p>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
+
+ try {
+ var worker = new Worker('/content-security-policy/script-src/support/worker-eval.js');
+ worker.onmessage = function(event) {
+ log(event.data);
+ };
+ } catch (e) {
+ log(e);
+ }
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/script-src/worker-function-function-blocked.sub.html b/content-security-policy/script-src/worker-function-function-blocked.sub.html
new file mode 100644
index 0000000..8c1df9f
--- /dev/null
+++ b/content-security-policy/script-src/worker-function-function-blocked.sub.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>worker-function-function-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["Function() function blocked"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <p>This test loads a worker, delivered with its own policy.
+ The Function constructor should be forbidden by that
+ policy. No report should be generated because the worker
+ policy does not set a report-uri (although this parent
+ resource does).</p>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
+ try {
+ var worker = new Worker('/content-security-policy/script-src/support/worker-function-function.js');
+ worker.onmessage = function(event) {
+ log(event.data);
+ };
+ } catch (e) {
+ log(e);
+ }
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/worker-importscripts-blocked.sub.html b/content-security-policy/script-src/worker-importscripts-blocked.sub.html
similarity index 70%
rename from content-security-policy/blink-contrib/worker-importscripts-blocked.sub.html
rename to content-security-policy/script-src/worker-importscripts-blocked.sub.html
index 9ec49c0..2890613 100644
--- a/content-security-policy/blink-contrib/worker-importscripts-blocked.sub.html
+++ b/content-security-policy/script-src/worker-importscripts-blocked.sub.html
@@ -3,23 +3,22 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';">
<title>worker-importscripts-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["TEST COMPLETE"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-eval' 'unsafe-inline' 127.0.0.1:8000; connect-src 'self';
--->
- <script></script>
</head>
<body>
<script>
- window.wasPostTestScriptParsed = true;
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
var result = '';
try {
- var worker = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/worker-importscripts.js');
+ var worker = new Worker('/content-security-policy/script-src/support/worker-importscripts.js');
worker.onmessage = function(event) {
result = event.data;
test(function() {
@@ -37,7 +36,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/script-src/worker-script-src.sub.html b/content-security-policy/script-src/worker-script-src.sub.html
new file mode 100644
index 0000000..da7771b
--- /dev/null
+++ b/content-security-policy/script-src/worker-script-src.sub.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>worker-script-src</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
+ try {
+ var foo = new Worker('/content-security-policy/script-src/support/post-message.js');
+ foo.onmessage = function(event) {
+ log("PASS");
+ };
+ } catch (e) {
+ log(e);
+ }
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/worker-set-timeout-blocked.sub.html b/content-security-policy/script-src/worker-set-timeout-blocked.sub.html
similarity index 66%
rename from content-security-policy/blink-contrib/worker-set-timeout-blocked.sub.html
rename to content-security-policy/script-src/worker-set-timeout-blocked.sub.html
index 119121c..5f93433 100644
--- a/content-security-policy/blink-contrib/worker-set-timeout-blocked.sub.html
+++ b/content-security-policy/script-src/worker-set-timeout-blocked.sub.html
@@ -3,21 +3,21 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'self' 'unsafe-eval'; connect-src 'self';">
<title>worker-set-timeout-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="../support/logTest.sub.js?logs=[]"></script>
<script src='../support/alertAssert.sub.js?alerts=["setTimeout blocked"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'self' 'unsafe-inline'; connect-src 'self';
--->
-
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log('Fail');
+ });
try {
- var worker = new Worker('http://{{host}}:{{ports[http][0]}}/content-security-policy/blink-contrib/resources/worker-set-timeout.js');
+ var worker = new Worker('/content-security-policy/script-src/support/worker-set-timeout.js');
worker.onmessage = function(event) {
alert_assert(event.data);
};
@@ -27,7 +27,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/injected-inline-style-allowed.sub.html b/content-security-policy/style-src/injected-inline-style-allowed.sub.html
similarity index 63%
rename from content-security-policy/blink-contrib/injected-inline-style-allowed.sub.html
rename to content-security-policy/style-src/injected-inline-style-allowed.sub.html
index f52289e..e91c4e4 100644
--- a/content-security-policy/blink-contrib/injected-inline-style-allowed.sub.html
+++ b/content-security-policy/style-src/injected-inline-style-allowed.sub.html
@@ -3,33 +3,38 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>injected-inline-style-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS: 2 stylesheets on the page."]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
</head>
<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+ </script>
+
<div id="test1">
FAIL 1/2
</div>
+
<div id="test2">
FAIL 2/2
</div>
- <script src="resources/inject-style.js"></script>
+
+ <script src="support/inject-style.js"></script>
<script>
if (document.styleSheets.length === 2)
log("PASS: 2 stylesheets on the page.");
else
- document.write("FAIL: " + document.styleSheets.length + " stylesheets on the page (should be 2).");
+ log("FAIL: " + document.styleSheets.length + " stylesheets on the page (should be 2).");
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/style-src/injected-inline-style-blocked.sub.html b/content-security-policy/style-src/injected-inline-style-blocked.sub.html
new file mode 100644
index 0000000..d7e7de2
--- /dev/null
+++ b/content-security-policy/style-src/injected-inline-style-blocked.sub.html
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>injected-inline-style-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=style-src","PASS"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+</head>
+
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+ </script>
+
+ <div id="test1">
+ PASS 1/2
+ </div>
+ <div id="test2">
+ PASS 2/2
+ </div>
+
+ <script src="support/inject-style.js"></script>
+ <script>
+ log(document.styleSheets.length == 0 ? "PASS" : "FAIL");
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/inline-style-allowed-while-cloning-objects.sub.html b/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html
similarity index 92%
rename from content-security-policy/blink-contrib/inline-style-allowed-while-cloning-objects.sub.html
rename to content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html
index efb5043..7fdd5f6 100644
--- a/content-security-policy/blink-contrib/inline-style-allowed-while-cloning-objects.sub.html
+++ b/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html
@@ -3,15 +3,15 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>inline-style-allowed-while-cloning-objects</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src="../support/logTest.sub.js?logs=[]"></script>
- <script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';
--->
<script>
+ var t = async_test("Test that violation report event was fired");
+ window.addEventListener("securitypolicyviolation", t.step_func_done(function(e) {
+ assert_equals(e.violatedDirective, "style-src");
+ }));
window.onload = function() {
window.nodes = document.getElementById('nodes');
window.node1 = document.getElementById('node1');
@@ -122,7 +122,6 @@
Yet another div.
</div>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=style-src%20'self'"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/inline-style-allowed.sub.html b/content-security-policy/style-src/inline-style-allowed.sub.html
similarity index 69%
rename from content-security-policy/blink-contrib/inline-style-allowed.sub.html
rename to content-security-policy/style-src/inline-style-allowed.sub.html
index bf5ac12..b0aa211 100644
--- a/content-security-policy/blink-contrib/inline-style-allowed.sub.html
+++ b/content-security-policy/style-src/inline-style-allowed.sub.html
@@ -3,14 +3,18 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';">
<title>inline-style-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+ </script>
+
<style>
.target {
background-color: blue;
@@ -25,7 +29,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/inline-style-attribute-allowed.sub.html b/content-security-policy/style-src/inline-style-attribute-allowed.sub.html
similarity index 67%
rename from content-security-policy/blink-contrib/inline-style-attribute-allowed.sub.html
rename to content-security-policy/style-src/inline-style-attribute-allowed.sub.html
index ab44604..048e406 100644
--- a/content-security-policy/blink-contrib/inline-style-attribute-allowed.sub.html
+++ b/content-security-policy/style-src/inline-style-attribute-allowed.sub.html
@@ -3,23 +3,26 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';">
<title>inline-style-attribute-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
</head>
<body style="background-color: blue;">
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+ </script>
+
+ <script>
log(document.body.style.length > 0 ? 'PASS' : 'FAIL');
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/style-src/inline-style-attribute-blocked.sub.html b/content-security-policy/style-src/inline-style-attribute-blocked.sub.html
new file mode 100644
index 0000000..e2d8491
--- /dev/null
+++ b/content-security-policy/style-src/inline-style-attribute-blocked.sub.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';">
+ <title>inline-style-attribute-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=style-src","PASS"]'></script>
+ <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+ </script>
+</head>
+<body style="background-color: blue;">
+
+ <script>
+ log(document.body.style.length > 0 ? 'FAIL' : 'PASS');
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/inline-style-attribute-on-html.sub.html b/content-security-policy/style-src/inline-style-attribute-on-html.sub.html
similarity index 79%
rename from content-security-policy/blink-contrib/inline-style-attribute-on-html.sub.html
rename to content-security-policy/style-src/inline-style-attribute-on-html.sub.html
index b002af9..91faf09 100644
--- a/content-security-policy/blink-contrib/inline-style-attribute-on-html.sub.html
+++ b/content-security-policy/style-src/inline-style-attribute-on-html.sub.html
@@ -1,17 +1,18 @@
<!DOCTYPE html>
+<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+</script>
<html style="background-color: blue;">
-
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
- <meta http-equiv="Content-Security-Policy" content="style-src 'self'">
+ <meta http-equiv="Content-Security-Policy" content="style-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'">
<title>inline-style-attribute-on-html</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
</head>
<body>
@@ -22,7 +23,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/inline-style-blocked.sub.html b/content-security-policy/style-src/inline-style-blocked.sub.html
similarity index 68%
rename from content-security-policy/blink-contrib/inline-style-blocked.sub.html
rename to content-security-policy/style-src/inline-style-blocked.sub.html
index 3f7756e..3f34437 100644
--- a/content-security-policy/blink-contrib/inline-style-blocked.sub.html
+++ b/content-security-policy/style-src/inline-style-blocked.sub.html
@@ -3,14 +3,17 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';">
<title>inline-style-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src='../support/logTest.sub.js?logs=["PASS"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-style-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+ </script>
<style>
.target {
background-color: blue;
@@ -25,7 +28,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=style-src%20'none'"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/resources/inject-style.js b/content-security-policy/style-src/support/inject-style.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/inject-style.js
rename to content-security-policy/style-src/support/inject-style.js
diff --git a/content-security-policy/blink-contrib/resources/document-write-alert-fail.js b/content-security-policy/support/document-write-alert-fail.js
similarity index 100%
rename from content-security-policy/blink-contrib/resources/document-write-alert-fail.js
rename to content-security-policy/support/document-write-alert-fail.js
diff --git a/content-security-policy/blink-contrib/eval-allowed.sub.html b/content-security-policy/unsafe-eval/eval-allowed.sub.html
similarity index 72%
rename from content-security-policy/blink-contrib/eval-allowed.sub.html
rename to content-security-policy/unsafe-eval/eval-allowed.sub.html
index 88da806..1869963 100644
--- a/content-security-policy/blink-contrib/eval-allowed.sub.html
+++ b/content-security-policy/unsafe-eval/eval-allowed.sub.html
@@ -2,28 +2,26 @@
<html>
<head>
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';">
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
<title>eval-allowed</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="../support/logTest.sub.js?logs=[]"></script>
<script src='../support/alertAssert.sub.js?alerts=["PASS (1 of 2)","PASS (2 of 2)"]'></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
eval("alert_assert('PASS (1 of 2)')");
- </script>
- <script>
window.eval("alert_assert('PASS (2 of 2)')");
-
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
</body>
</html>
diff --git a/content-security-policy/blink-contrib/eval-blocked-and-sends-report.sub.html b/content-security-policy/unsafe-eval/eval-blocked-and-sends-report.sub.html
similarity index 62%
rename from content-security-policy/blink-contrib/eval-blocked-and-sends-report.sub.html
rename to content-security-policy/unsafe-eval/eval-blocked-and-sends-report.sub.html
index 599b01c..998a616 100644
--- a/content-security-policy/blink-contrib/eval-blocked-and-sends-report.sub.html
+++ b/content-security-policy/unsafe-eval/eval-blocked-and-sends-report.sub.html
@@ -3,18 +3,20 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>eval-blocked-and-sends-report</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS: eval() blocked."]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS: eval() blocked.","violated-directive=script-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'self'; report-uri resources/save-report.php?test=eval-blocked-and-sends-report.html; connect-src 'self';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
try {
eval("alert_assert('FAIL')");
} catch (e) {
@@ -23,7 +25,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=script-src%20'self'%20'unsafe-inline'"></script>
</body>
</html>
diff --git a/content-security-policy/unsafe-eval/eval-blocked-in-about-blank-iframe.sub.html b/content-security-policy/unsafe-eval/eval-blocked-in-about-blank-iframe.sub.html
new file mode 100644
index 0000000..95b3d56
--- /dev/null
+++ b/content-security-policy/unsafe-eval/eval-blocked-in-about-blank-iframe.sub.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>eval-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["violated-directive=script-src","PASS"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+
+<p>Eval should be blocked in the iframe, but inline script should be allowed.</p>
+<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+ window.onmessage = function(e) {
+ log(e.data);
+ }
+ window.onload = function() {
+ frames[0].document.write("<script>eval('window.parent.postMessage(\"FAIL\", \"*\");'); window.parent.postMessage(\"PASS\", \"*\");</sc" + "ript>");
+ frames[0].document.close();
+ }
+
+</script>
+<iframe src="about:blank"></iframe>
+
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/eval-blocked.sub.html b/content-security-policy/unsafe-eval/eval-blocked.sub.html
similarity index 69%
rename from content-security-policy/blink-contrib/eval-blocked.sub.html
rename to content-security-policy/unsafe-eval/eval-blocked.sub.html
index 229667e..7546082 100644
--- a/content-security-policy/blink-contrib/eval-blocked.sub.html
+++ b/content-security-policy/unsafe-eval/eval-blocked.sub.html
@@ -3,26 +3,26 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>eval-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS EvalError","PASS EvalError"]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS EvalError","PASS EvalError", "violated-directive=script-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
try {
eval("alert_assert('FAIL (1 of 2)')");
} catch (e) {
log("PASS EvalError");
}
- </script>
- <script>
try {
window.eval("alert_assert('FAIL (1 of 2)')");
} catch (e) {
@@ -31,7 +31,6 @@
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=script-src%20'unsafe-inline'"></script>
</body>
</html>
diff --git a/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html b/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html
new file mode 100644
index 0000000..ee888ea
--- /dev/null
+++ b/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';">
+ <title>eval-scripts-setInterval-allowed</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS 1 of 2","PASS 2 of 2"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+<pre>
+<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
+ var id_string = setInterval("clearInterval(id_string); log('PASS 1 of 2')", 0);
+ if (id_string == 0)
+ log('FAIL: Return value for string (should not be 0): ' + id_string);
+
+ var id_function = setInterval(function() {
+ clearInterval(id_function);
+ log('PASS 2 of 2');
+ }, 0);
+
+ if (id_function == 0)
+ log('FAIL');
+</script>
+</pre>
+
+</html>
diff --git a/content-security-policy/unsafe-eval/eval-scripts-setInterval-blocked.sub.html b/content-security-policy/unsafe-eval/eval-scripts-setInterval-blocked.sub.html
new file mode 100644
index 0000000..0d65e29
--- /dev/null
+++ b/content-security-policy/unsafe-eval/eval-scripts-setInterval-blocked.sub.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>eval-scripts-setInterval-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS","violated-directive=script-src"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
+ var id = setInterval("alert_assert('FAIL')", 0);
+ if (id != 0)
+ log('FAIL: Return value for string (should be 0): ' + id);
+
+ var id = setInterval(function() {
+ clearInterval(id);
+ log('PASS');
+ }, 0);
+
+ if (id == 0)
+ log('FAIL');
+</script>
+
+</html>
diff --git a/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html b/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html
new file mode 100644
index 0000000..ff85a86
--- /dev/null
+++ b/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';">
+ <title>eval-scripts-setTimeout-allowed</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS 1 of 2","PASS 2 of 2"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
+ var id = setTimeout("log('PASS 1 of 2')", 0);
+ if (id == 0)
+ log('FAIL');
+ var id = setTimeout(function() {
+ log('PASS 2 of 2');
+ }, 0);
+ if (id == 0)
+ log('FAIL');
+</script>
+
+</html>
diff --git a/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html b/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html
new file mode 100644
index 0000000..21737ce
--- /dev/null
+++ b/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
+ <title>eval-scripts-setTimeout-blocked</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS","violated-directive=script-src"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
+ var id = setTimeout("alert_assert('FAIL')", 0);
+ if (id != 0)
+ log('FAIL');
+
+ var id = setTimeout(function() {
+ log('PASS');
+ }, 0);
+
+ if (id == 0)
+ log('FAIL');
+</script>
+
+</html>
diff --git a/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html b/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html
new file mode 100644
index 0000000..8e6661b
--- /dev/null
+++ b/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+ <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self';">
+ <title>function-constructor-allowed</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
+ <script src='../support/alertAssert.sub.js?alerts=[]'></script>
+</head>
+
+<body>
+ <script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("Fail");
+ });
+
+ (new Function("log('PASS')"))();
+
+ </script>
+ <div id="log"></div>
+</body>
+
+</html>
diff --git a/content-security-policy/blink-contrib/function-constructor-blocked.sub.html b/content-security-policy/unsafe-eval/function-constructor-blocked.sub.html
similarity index 62%
rename from content-security-policy/blink-contrib/function-constructor-blocked.sub.html
rename to content-security-policy/unsafe-eval/function-constructor-blocked.sub.html
index be0c574..eb610ff 100644
--- a/content-security-policy/blink-contrib/function-constructor-blocked.sub.html
+++ b/content-security-policy/unsafe-eval/function-constructor-blocked.sub.html
@@ -3,27 +3,28 @@
<head>
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+ <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; connect-src 'self';">
<title>function-constructor-blocked</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
- <script src='../support/logTest.sub.js?logs=["PASS EvalError"]'></script>
+ <script src='../support/logTest.sub.js?logs=["PASS EvalError","violated-directive=script-src"]'></script>
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
- <!-- enforcing policy:
-script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
--->
</head>
<body>
<script>
+ window.addEventListener('securitypolicyviolation', function(e) {
+ log("violated-directive=" + e.violatedDirective);
+ });
+
try {
- (new Function("alert_assert('FAIL')"))();
+ (new Function("log('FAIL')"))();
} catch (e) {
log("PASS EvalError");
}
</script>
<div id="log"></div>
- <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=script-src%20'unsafe-inline'"></script>
</body>
</html>
diff --git a/css/css-flexbox-1/support/check-layout-th.js b/css/css-flexbox-1/support/check-layout-th.js
index 5e679a4..9b83df7 100644
--- a/css/css-flexbox-1/support/check-layout-th.js
+++ b/css/css-flexbox-1/support/check-layout-th.js
@@ -161,14 +161,15 @@
return output.checked;
}
-window.checkLayout = function(selectorList)
+var testNumber = 0;
+
+window.checkLayout = function(selectorList, callDone = true)
{
if (!selectorList) {
console.error("You must provide a CSS selector of nodes to check.");
return;
}
var nodes = document.querySelectorAll(selectorList);
- var testNumber = 0;
nodes = Array.prototype.slice.call(nodes);
nodes.reverse();
var checkedLayout = false;
@@ -189,7 +190,8 @@
if (!checkedLayout) {
console.error("No valid data-* attributes found in selector list : " + selectorList);
}
- done();
+ if (callDone)
+ done();
};
})();
diff --git a/css/css-grid-1/layout-algorithm/grid-stretch-respects-min-size-001.html b/css/css-grid-1/layout-algorithm/grid-stretch-respects-min-size-001.html
new file mode 100644
index 0000000..29eca9d
--- /dev/null
+++ b/css/css-grid-1/layout-algorithm/grid-stretch-respects-min-size-001.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>CSS Grid Layout Test: stretch alignment respects min size constraints of the grid container</title>
+<link rel="author" title="Manuel Rego Casasnovas" href="mailto:rego@igalia.com">
+<link rel="help" href="https://drafts.csswg.org/css-grid-1/#algo-stretch">
+<link rel="help" href="https://drafts.csswg.org/css-grid-1/#grid-align">
+<link rel="match" href="../../reference/ref-filled-green-100px-square.xht">
+<meta name="assert" content="The test checks that during the last step of the track sizing algorithm (stretch auto tracks), the min-width/height constraints of the grid container are respected.">
+<style>
+ #reference-overlapped-red {
+ position: absolute;
+ background-color: red;
+ width: 100px;
+ height: 100px;
+ z-index: -1;
+ }
+
+ #constrained-wrapper {
+ width: 50px;
+ height: 50px;
+ }
+
+ #grid {
+ display: grid;
+ min-width: 100px;
+ min-height: 100px;
+ }
+
+ #test-item-overlapping-green {
+ background: green;
+ }
+</style>
+<p>Test passes if there is a filled green square and <strong>no red</strong>.</p>
+
+<div id="reference-overlapped-red"></div>
+<div id="constrained-wrapper">
+ <div id="grid">
+ <div id="test-item-overlapping-green"></div>
+ </div>
+</div>
diff --git a/css/css-grid-1/support/check-layout-th.js b/css/css-grid-1/support/check-layout-th.js
index 5e679a4..9b83df7 100644
--- a/css/css-grid-1/support/check-layout-th.js
+++ b/css/css-grid-1/support/check-layout-th.js
@@ -161,14 +161,15 @@
return output.checked;
}
-window.checkLayout = function(selectorList)
+var testNumber = 0;
+
+window.checkLayout = function(selectorList, callDone = true)
{
if (!selectorList) {
console.error("You must provide a CSS selector of nodes to check.");
return;
}
var nodes = document.querySelectorAll(selectorList);
- var testNumber = 0;
nodes = Array.prototype.slice.call(nodes);
nodes.reverse();
var checkedLayout = false;
@@ -189,7 +190,8 @@
if (!checkedLayout) {
console.error("No valid data-* attributes found in selector list : " + selectorList);
}
- done();
+ if (callDone)
+ done();
};
})();
diff --git a/css/css-images-3/gradients-with-transparent-ref.html b/css/css-images-3/gradients-with-transparent-ref.html
new file mode 100644
index 0000000..9f52476
--- /dev/null
+++ b/css/css-images-3/gradients-with-transparent-ref.html
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Linear gradient with transparent reference</title>
+<style>
+ .test {
+ width: 200px;
+ height: 100px;
+ margin-left: 90px;
+ }
+ .gradient {
+ background-image: linear-gradient(to left, blue 0%, blue 20%, rgba(0,0,255,0));
+ }
+</style>
+
+<body>
+ <p>Gradient using 'transparent'</p>
+ <div id="gradient1" class="test gradient"></div>
+ <br />
+ <p>Gradient using rgba(0,0,255,0)</p>
+ <div id="gradient2" class="test gradient"></div>
+</body>
diff --git a/css/css-images-3/gradients-with-transparent.html b/css/css-images-3/gradients-with-transparent.html
new file mode 100644
index 0000000..e4505bc
--- /dev/null
+++ b/css/css-images-3/gradients-with-transparent.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Gradients with transparent</title>
+<link rel="help" href="https://www.w3.org/TR/css3-images/#linear-gradients">
+<link rel="match" href="gradients-with-transparent-ref.html">
+<meta name="assert" content="The blue gradients to 'transparent' keyword, and rgba(0,0,0,0), match the gradient to rgba(0,0,255,0)">
+<style>
+ .test {
+ width: 200px;
+ height: 100px;
+ margin-left: 90px;
+ }
+ #gradient1 {
+ background-image: linear-gradient(to left, blue 0%, blue 20%, transparent);
+ }
+ #gradient2 {
+ background-image: linear-gradient(to left, blue 0%, blue 20%, rgba(0,0,0,0));
+ }
+</style>
+<body>
+ <p>Gradient using 'transparent'</p>
+ <div id="gradient1" class="test"></div>
+ <br />
+ <p>Gradient using rgba(0,0,255,0)</p>
+ <div id="gradient2" class="test"></div>
+</body>
diff --git a/css/css-tables-3/support/check-layout-th.js b/css/css-tables-3/support/check-layout-th.js
index 5e679a4..9b83df7 100644
--- a/css/css-tables-3/support/check-layout-th.js
+++ b/css/css-tables-3/support/check-layout-th.js
@@ -161,14 +161,15 @@
return output.checked;
}
-window.checkLayout = function(selectorList)
+var testNumber = 0;
+
+window.checkLayout = function(selectorList, callDone = true)
{
if (!selectorList) {
console.error("You must provide a CSS selector of nodes to check.");
return;
}
var nodes = document.querySelectorAll(selectorList);
- var testNumber = 0;
nodes = Array.prototype.slice.call(nodes);
nodes.reverse();
var checkedLayout = false;
@@ -189,7 +190,8 @@
if (!checkedLayout) {
console.error("No valid data-* attributes found in selector list : " + selectorList);
}
- done();
+ if (callDone)
+ done();
};
})();
diff --git a/css/css3-color/t44-currentcolor-inherited-c-ref.xht b/css/css3-color/t44-currentcolor-inherited-c-ref.xht
new file mode 100644
index 0000000..85a391d
--- /dev/null
+++ b/css/css3-color/t44-currentcolor-inherited-c-ref.xht
@@ -0,0 +1,15 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>"This paragraph" green background ref</title>
+ <style type="text/css"><![CDATA[
+ p {
+ background: green;
+ color: white;
+ }
+ ]]></style>
+ </head>
+ <body>
+ <p>This paragraph should have a green background.</p>
+ </body>
+</html>
diff --git a/css/css3-color/t44-currentcolor-inherited-c.xht b/css/css3-color/t44-currentcolor-inherited-c.xht
index 8b8fefc..402dff1 100644
--- a/css/css3-color/t44-currentcolor-inherited-c.xht
+++ b/css/css3-color/t44-currentcolor-inherited-c.xht
@@ -7,6 +7,7 @@
<link rel="reviewer" title="Elika J. Etemad" href="http://fantasai.inkedblade.net/contact" />
<link rel="help" href="http://www.w3.org/TR/css3-color/#currentcolor" />
<link rel="help" href="http://www.w3.org/Style/2011/REC-css3-color-20110607-errata.html#s.4.5" />
+ <link rel="match" href="t44-currentcolor-inherited-c-ref.xht" />
<meta name="flags" content="" />
<meta name="assert" content="currentColor is a computed value" />
<style type="text/css"><![CDATA[
diff --git a/html/infrastructure/urls/resolving-urls/query-encoding/resources/resolve-url.js b/html/infrastructure/urls/resolving-urls/query-encoding/resources/resolve-url.js
index 907b5fb..769b41b 100644
--- a/html/infrastructure/urls/resolving-urls/query-encoding/resources/resolve-url.js
+++ b/html/infrastructure/urls/resolving-urls/query-encoding/resources/resolve-url.js
@@ -35,7 +35,7 @@
// page and the test timing out
test_obj.force_timeout();
}
- setTimeout(poll, 200);
+ step_timeout(poll, 200);
} else {
assert_equals(xhr.response, expected);
test_obj.done();
@@ -43,7 +43,7 @@
});
xhr.send();
})
- setTimeout(poll, 200);
+ step_timeout(poll, 200);
}
// background attribute, check with getComputedStyle
diff --git a/html/semantics/interactive-elements/the-dialog-element/dialog-enabled.html b/html/semantics/interactive-elements/the-dialog-element/dialog-enabled.html
new file mode 100644
index 0000000..87a130c
--- /dev/null
+++ b/html/semantics/interactive-elements/the-dialog-element/dialog-enabled.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+</head>
+<body>
+<dialog></dialog>
+<script>
+test(function() {
+ dialog = document.querySelector('dialog')
+ assert_true(dialog instanceof HTMLDialogElement);
+}, "The DIALOG element should be recognized");
+</script>
+</body>
+</html>
diff --git a/html/semantics/interactive-elements/the-dialog-element/dialog-return-value.html b/html/semantics/interactive-elements/the-dialog-element/dialog-return-value.html
new file mode 100644
index 0000000..2a80de6
--- /dev/null
+++ b/html/semantics/interactive-elements/the-dialog-element/dialog-return-value.html
@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+</head>
+<body>
+<dialog></dialog>
+<script>
+test(function() {
+ dialog = document.querySelector('dialog');
+ assert_equals(dialog.returnValue, '');
+
+ dialog.returnValue = 'Setting value directly';
+ assert_equals(dialog.returnValue, 'Setting value directly');
+
+ dialog.returnValue = null;
+ assert_equals(dialog.returnValue, 'null');
+
+ dialog.returnValue = '';
+ assert_equals(dialog.returnValue, '');
+
+ dialog.returnValue = 7;
+ assert_equals(dialog.returnValue, '7');
+
+ dialog.show();
+ dialog.close('Return value set from close()');
+ assert_equals(dialog.returnValue, 'Return value set from close()');
+
+ dialog.show();
+ dialog.close('');
+ assert_equals(dialog.returnValue, '');
+
+ dialog.show();
+ dialog.close(null);
+ assert_equals(dialog.returnValue, 'null');
+
+ dialog.returnValue = 'Should not change because no argument to close()';
+ dialog.show();
+ dialog.close();
+ assert_equals(dialog.returnValue, 'Should not change because no argument to close()');
+
+ dialog.returnValue = 'Should not change because of undefined argument to close()';
+ dialog.show();
+ dialog.close(undefined);
+ assert_equals(dialog.returnValue, 'Should not change because of undefined argument to close()');
+
+ dialog.returnValue = 'Should not change because of no-op close()';
+ dialog.close('blah');
+ assert_equals(dialog.returnValue, 'Should not change because of no-op close()');
+}, "Tests dialog.returnValue is settable and returns the last value set.");
+</script>
+</body>
+</html>
diff --git a/html/semantics/interactive-elements/the-dialog-element/show-modal-focusing-steps.html b/html/semantics/interactive-elements/the-dialog-element/show-modal-focusing-steps.html
new file mode 100644
index 0000000..164b414
--- /dev/null
+++ b/html/semantics/interactive-elements/the-dialog-element/show-modal-focusing-steps.html
@@ -0,0 +1,63 @@
+<!DOCTYPE html>
+<html>
+<head>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="./resources/common.js"></script>
+<script>
+promise_test(() => {
+ return waitUntilLoadedAndAutofocused().then(() => {
+ outerButton = document.getElementById('outer-button');
+ assert_equals(document.activeElement, outerButton);
+
+ // Test that focus goes to body if the dialog has no focusable elements, including itself
+ var outerDialog = document.getElementById('outer-dialog');
+ outerDialog.showModal();
+ assert_equals(document.activeElement, document.body);
+
+ // Test that an autofocus element in the dialog gets focus.
+ var dialog = document.getElementById('dialog');
+ dialog.showModal();
+ autofocusButton = document.getElementById('autofocus-button');
+ assert_equals(document.activeElement, autofocusButton);
+ dialog.close();
+
+ // ... or else first focusable element in the dialog gets focus.
+ autofocusButton.parentNode.removeChild(autofocusButton);
+ dialog.showModal();
+ firstButton = document.getElementById('first-button');
+ assert_equals(document.activeElement, firstButton);
+ dialog.close();
+
+ // ... or else the dialog itself gets focus.;
+ var buttons = dialog.querySelectorAll('button');
+ for (var i = 0; i < buttons.length; ++i)
+ buttons[i].hidden = true;
+ dialog.showModal();
+ assert_equals(document.activeElement, dialog);
+ dialog.close();
+
+ document.getElementById('outer-dialog').close();
+ });
+}, "focus when a modal dialog is opened");
+</script>
+</head>
+<body>
+<button id="outer-button" autofocus></button>
+<dialog id="outer-dialog">
+ <dialog id="dialog" tabindex=0>
+ <button disabled></button>
+ <dialog>
+ <button autofocus></button>
+ </dialog>
+ <button id="first-button"></button>
+ <div>
+ <span>
+ <button id="autofocus-button" autofocus></button>
+ </span>
+ </div>
+ <button id="final-button"></button>
+ </dialog>
+</dialog>
+</body>
+</html>
diff --git a/interfaces/cssom-view.idl b/interfaces/cssom-view.idl
index af779a1..4a70cb9 100644
--- a/interfaces/cssom-view.idl
+++ b/interfaces/cssom-view.idl
@@ -89,15 +89,14 @@
enum ScrollLogicalPosition { "start", "center", "end", "nearest" };
dictionary ScrollIntoViewOptions : ScrollOptions {
- ScrollLogicalPosition block = "center";
- ScrollLogicalPosition inline = "center";
+ ScrollLogicalPosition block = "start";
+ ScrollLogicalPosition inline = "nearest";
};
partial interface Element {
DOMRectList getClientRects();
[NewObject] DOMRect getBoundingClientRect();
- void scrollIntoView();
- void scrollIntoView((boolean or object) arg);
+ void scrollIntoView(optional (boolean or ScrollIntoViewOptions) arg);
void scroll(optional ScrollToOptions options);
void scroll(unrestricted double x, unrestricted double y);
void scrollTo(optional ScrollToOptions options);
diff --git a/interfaces/html.idl b/interfaces/html.idl
index a372298..2a2ed4b 100644
--- a/interfaces/html.idl
+++ b/interfaces/html.idl
@@ -1,4 +1,5 @@
-[LegacyUnenumerableNamedProperties]
+[Exposed=Window,
+ LegacyUnenumerableNamedProperties]
interface HTMLAllCollection {
readonly attribute unsigned long length;
getter Element? (unsigned long index);
@@ -6,6 +7,7 @@
legacycaller (HTMLCollection or Element)? item(optional DOMString nameOrIndex);
};
+[Exposed=Window]
interface HTMLFormControlsCollection : HTMLCollection {
// inherits length and item()
getter (RadioNodeList or Element)? namedItem(DOMString name); // shadows inherited namedItem()
@@ -15,6 +17,7 @@
attribute DOMString value;
};
+[Exposed=Window]
interface HTMLOptionsCollection : HTMLCollection {
// inherits item(), namedItem()
[CEReactions] attribute unsigned long length; // shadows inherited length
@@ -84,7 +87,8 @@
Document implements GlobalEventHandlers;
Document implements DocumentAndElementEventHandlers;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLElement : Element {
// metadata attributes
[CEReactions] attribute DOMString title;
@@ -106,6 +110,7 @@
[CEReactions] attribute [TreatNullAs=EmptyString] DOMString innerText;
};
+
HTMLElement implements GlobalEventHandlers;
HTMLElement implements DocumentAndElementEventHandlers;
HTMLElement implements ElementContentEditable;
@@ -113,33 +118,39 @@
// Note: intentionally not [HTMLConstructor]
interface HTMLUnknownElement : HTMLElement { };
-[OverrideBuiltins]
+[Exposed=Window,
+ OverrideBuiltins]
interface DOMStringMap {
getter DOMString (DOMString name);
[CEReactions] setter void (DOMString name, DOMString value);
[CEReactions] deleter void (DOMString name);
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLHtmlElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLHeadElement : HTMLElement {};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTitleElement : HTMLElement {
[CEReactions] attribute DOMString text;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLBaseElement : HTMLElement {
[CEReactions] attribute USVString href;
[CEReactions] attribute DOMString target;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLLinkElement : HTMLElement {
[CEReactions] attribute USVString href;
[CEReactions] attribute DOMString? crossOrigin;
@@ -161,7 +172,8 @@
};
HTMLLinkElement implements LinkStyle;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLMetaElement : HTMLElement {
[CEReactions] attribute DOMString name;
[CEReactions] attribute DOMString httpEquiv;
@@ -170,7 +182,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLStyleElement : HTMLElement {
[CEReactions] attribute DOMString media;
[CEReactions] attribute DOMString nonce;
@@ -178,39 +191,46 @@
};
HTMLStyleElement implements LinkStyle;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLBodyElement : HTMLElement {
// also has obsolete members
};
HTMLBodyElement implements WindowEventHandlers;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLHeadingElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLParagraphElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLHRElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLPreElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLQuoteElement : HTMLElement {
[CEReactions] attribute USVString cite;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLOListElement : HTMLElement {
[CEReactions] attribute boolean reversed;
[CEReactions] attribute long start;
@@ -219,35 +239,41 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLUListElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLMenuElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLLIElement : HTMLElement {
[CEReactions] attribute long value;
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDListElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDivElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLAnchorElement : HTMLElement {
[CEReactions] attribute DOMString target;
[CEReactions] attribute DOMString download;
@@ -265,25 +291,30 @@
};
HTMLAnchorElement implements HTMLHyperlinkElementUtils;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDataElement : HTMLElement {
[CEReactions] attribute DOMString value;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTimeElement : HTMLElement {
[CEReactions] attribute DOMString dateTime;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLSpanElement : HTMLElement {};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLBRElement : HTMLElement {
// also has obsolete members
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface HTMLHyperlinkElementUtils {
[CEReactions] stringifier attribute USVString href;
readonly attribute USVString origin;
@@ -298,16 +329,19 @@
[CEReactions] attribute USVString hash;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLModElement : HTMLElement {
[CEReactions] attribute USVString cite;
[CEReactions] attribute DOMString dateTime;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLPictureElement : HTMLElement {};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLSourceElement : HTMLElement {
[CEReactions] attribute USVString src;
[CEReactions] attribute DOMString type;
@@ -316,7 +350,9 @@
[CEReactions] attribute DOMString media;
};
-[HTMLConstructor, NamedConstructor=Image(optional unsigned long width, optional unsigned long height)]
+[Exposed=Window,
+ HTMLConstructor,
+ NamedConstructor=Image(optional unsigned long width, optional unsigned long height)]
interface HTMLImageElement : HTMLElement {
[CEReactions] attribute DOMString alt;
[CEReactions] attribute USVString src;
@@ -338,7 +374,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLIFrameElement : HTMLElement {
[CEReactions] attribute USVString src;
[CEReactions] attribute DOMString srcdoc;
@@ -357,7 +394,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLEmbedElement : HTMLElement {
[CEReactions] attribute USVString src;
[CEReactions] attribute DOMString type;
@@ -368,7 +406,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLObjectElement : HTMLElement {
[CEReactions] attribute USVString data;
[CEReactions] attribute DOMString type;
@@ -392,7 +431,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLParamElement : HTMLElement {
[CEReactions] attribute DOMString name;
[CEReactions] attribute DOMString value;
@@ -400,7 +440,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLVideoElement : HTMLMediaElement {
[CEReactions] attribute unsigned long width;
[CEReactions] attribute unsigned long height;
@@ -410,10 +451,13 @@
[CEReactions] attribute boolean playsInline;
};
-[HTMLConstructor, NamedConstructor=Audio(optional DOMString src)]
+[Exposed=Window,
+ HTMLConstructor,
+ NamedConstructor=Audio(optional DOMString src)]
interface HTMLAudioElement : HTMLMediaElement {};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTrackElement : HTMLElement {
[CEReactions] attribute DOMString kind;
[CEReactions] attribute USVString src;
@@ -432,6 +476,8 @@
enum CanPlayTypeResult { "" /* empty string */, "maybe", "probably" };
typedef (MediaStream or MediaSource or Blob) MediaProvider;
+
+[Exposed=Window]
interface HTMLMediaElement : HTMLElement {
// error state
@@ -490,6 +536,7 @@
TextTrack addTextTrack(TextTrackKind kind, optional DOMString label = "", optional DOMString language = "");
};
+[Exposed=Window]
interface MediaError {
const unsigned short MEDIA_ERR_ABORTED = 1;
const unsigned short MEDIA_ERR_NETWORK = 2;
@@ -500,6 +547,7 @@
readonly attribute DOMString message;
};
+[Exposed=Window]
interface AudioTrackList : EventTarget {
readonly attribute unsigned long length;
getter AudioTrack (unsigned long index);
@@ -510,6 +558,7 @@
attribute EventHandler onremovetrack;
};
+[Exposed=Window]
interface AudioTrack {
readonly attribute DOMString id;
readonly attribute DOMString kind;
@@ -518,6 +567,7 @@
attribute boolean enabled;
};
+[Exposed=Window]
interface VideoTrackList : EventTarget {
readonly attribute unsigned long length;
getter VideoTrack (unsigned long index);
@@ -529,6 +579,7 @@
attribute EventHandler onremovetrack;
};
+[Exposed=Window]
interface VideoTrack {
readonly attribute DOMString id;
readonly attribute DOMString kind;
@@ -537,6 +588,7 @@
attribute boolean selected;
};
+[Exposed=Window]
interface TextTrackList : EventTarget {
readonly attribute unsigned long length;
getter TextTrack (unsigned long index);
@@ -549,6 +601,8 @@
enum TextTrackMode { "disabled", "hidden", "showing" };
enum TextTrackKind { "subtitles", "captions", "descriptions", "chapters", "metadata" };
+
+[Exposed=Window]
interface TextTrack : EventTarget {
readonly attribute TextTrackKind kind;
readonly attribute DOMString label;
@@ -568,12 +622,14 @@
attribute EventHandler oncuechange;
};
+[Exposed=Window]
interface TextTrackCueList {
readonly attribute unsigned long length;
getter TextTrackCue (unsigned long index);
TextTrackCue? getCueById(DOMString id);
};
+[Exposed=Window]
interface TextTrackCue : EventTarget {
readonly attribute TextTrack? track;
@@ -586,13 +642,15 @@
attribute EventHandler onexit;
};
+[Exposed=Window]
interface TimeRanges {
readonly attribute unsigned long length;
double start(unsigned long index);
double end(unsigned long index);
};
-[Constructor(DOMString type, optional TrackEventInit eventInitDict)]
+[Exposed=Window,
+ Constructor(DOMString type, optional TrackEventInit eventInitDict)]
interface TrackEvent : Event {
readonly attribute (VideoTrack or AudioTrack or TextTrack)? track;
};
@@ -601,13 +659,15 @@
(VideoTrack or AudioTrack or TextTrack)? track = null;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLMapElement : HTMLElement {
[CEReactions] attribute DOMString name;
[SameObject] readonly attribute HTMLCollection areas;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLAreaElement : HTMLElement {
[CEReactions] attribute DOMString alt;
[CEReactions] attribute DOMString coords;
@@ -623,7 +683,8 @@
};
HTMLAreaElement implements HTMLHyperlinkElementUtils;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTableElement : HTMLElement {
[CEReactions] attribute HTMLTableCaptionElement? caption;
HTMLTableCaptionElement createCaption();
@@ -647,19 +708,22 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTableCaptionElement : HTMLElement {
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTableColElement : HTMLElement {
[CEReactions] attribute unsigned long span;
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTableSectionElement : HTMLElement {
[SameObject] readonly attribute HTMLCollection rows;
HTMLElement insertRow(optional long index = -1);
@@ -668,7 +732,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTableRowElement : HTMLElement {
readonly attribute long rowIndex;
readonly attribute long sectionRowIndex;
@@ -679,7 +744,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTableCellElement : HTMLElement {
[CEReactions] attribute unsigned long colSpan;
[CEReactions] attribute unsigned long rowSpan;
@@ -692,7 +758,10 @@
// also has obsolete members
};
-[OverrideBuiltins, LegacyUnenumerableNamedProperties, HTMLConstructor]
+[Exposed=Window,
+ OverrideBuiltins,
+ LegacyUnenumerableNamedProperties,
+ HTMLConstructor]
interface HTMLFormElement : HTMLElement {
[CEReactions] attribute DOMString acceptCharset;
[CEReactions] attribute USVString action;
@@ -715,14 +784,16 @@
boolean reportValidity();
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLLabelElement : HTMLElement {
readonly attribute HTMLFormElement? form;
[CEReactions] attribute DOMString htmlFor;
readonly attribute HTMLElement? control;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLInputElement : HTMLElement {
[CEReactions] attribute DOMString accept;
[CEReactions] attribute DOMString alt;
@@ -786,7 +857,8 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLButtonElement : HTMLElement {
[CEReactions] attribute boolean autofocus;
[CEReactions] attribute boolean disabled;
@@ -810,7 +882,8 @@
readonly attribute NodeList labels;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLSelectElement : HTMLElement {
[CEReactions] attribute DOMString autocomplete;
[CEReactions] attribute boolean autofocus;
@@ -846,18 +919,22 @@
readonly attribute NodeList labels;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDataListElement : HTMLElement {
[SameObject] readonly attribute HTMLCollection options;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLOptGroupElement : HTMLElement {
[CEReactions] attribute boolean disabled;
[CEReactions] attribute DOMString label;
};
-[HTMLConstructor, NamedConstructor=Option(optional DOMString text = "", optional DOMString value, optional boolean defaultSelected = false, optional boolean selected = false)]
+[Exposed=Window,
+ HTMLConstructor,
+ NamedConstructor=Option(optional DOMString text = "", optional DOMString value, optional boolean defaultSelected = false, optional boolean selected = false)]
interface HTMLOptionElement : HTMLElement {
[CEReactions] attribute boolean disabled;
readonly attribute HTMLFormElement? form;
@@ -870,7 +947,8 @@
readonly attribute long index;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTextAreaElement : HTMLElement {
[CEReactions] attribute DOMString autocomplete;
[CEReactions] attribute boolean autofocus;
@@ -911,7 +989,8 @@
void setSelectionRange(unsigned long start, unsigned long end, optional DOMString direction);
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLOutputElement : HTMLElement {
[SameObject, PutForwards=value] readonly attribute DOMTokenList htmlFor;
readonly attribute HTMLFormElement? form;
@@ -931,7 +1010,8 @@
readonly attribute NodeList labels;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLProgressElement : HTMLElement {
[CEReactions] attribute double value;
[CEReactions] attribute double max;
@@ -939,7 +1019,8 @@
readonly attribute NodeList labels;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLMeterElement : HTMLElement {
[CEReactions] attribute double value;
[CEReactions] attribute double min;
@@ -950,7 +1031,8 @@
readonly attribute NodeList labels;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLFieldSetElement : HTMLElement {
[CEReactions] attribute boolean disabled;
readonly attribute HTMLFormElement? form;
@@ -968,7 +1050,8 @@
void setCustomValidity(DOMString error);
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLLegendElement : HTMLElement {
readonly attribute HTMLFormElement? form;
@@ -982,6 +1065,7 @@
"preserve" // default
};
+[Exposed=Window]
interface ValidityState {
readonly attribute boolean valueMissing;
readonly attribute boolean typeMismatch;
@@ -996,12 +1080,14 @@
readonly attribute boolean valid;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDetailsElement : HTMLElement {
[CEReactions] attribute boolean open;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDialogElement : HTMLElement {
[CEReactions] attribute boolean open;
attribute DOMString returnValue;
@@ -1010,12 +1096,12 @@
[CEReactions] void close(optional DOMString returnValue);
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLScriptElement : HTMLElement {
[CEReactions] attribute USVString src;
[CEReactions] attribute DOMString type;
[CEReactions] attribute boolean noModule;
- [CEReactions] attribute DOMString charset;
[CEReactions] attribute boolean async;
[CEReactions] attribute boolean defer;
[CEReactions] attribute DOMString? crossOrigin;
@@ -1027,12 +1113,14 @@
// also has obsolete members
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLTemplateElement : HTMLElement {
readonly attribute DocumentFragment content;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLSlotElement : HTMLElement {
[CEReactions] attribute DOMString name;
sequence<Node> assignedNodes(optional AssignedNodesOptions options);
@@ -1044,7 +1132,8 @@
typedef (CanvasRenderingContext2D or WebGLRenderingContext) RenderingContext;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLCanvasElement : HTMLElement {
[CEReactions] attribute unsigned long width;
[CEReactions] attribute unsigned long height;
@@ -1075,6 +1164,7 @@
enum ImageSmoothingQuality { "low", "medium", "high" };
+[Exposed=Window]
interface CanvasRenderingContext2D {
// back-reference to the canvas
readonly attribute HTMLCanvasElement canvas;
@@ -1184,7 +1274,8 @@
boolean isPointInStroke(Path2D path, unrestricted double x, unrestricted double y);
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface CanvasUserInterface {
void drawFocusIfNeeded(Element element);
void drawFocusIfNeeded(Path2D path, Element element);
@@ -1192,7 +1283,8 @@
void scrollPathIntoView(Path2D path);
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface CanvasText {
// text (see also the CanvasPathDrawingStyles and CanvasTextDrawingStyles interfaces)
void fillText(DOMString text, unrestricted double x, unrestricted double y, optional unrestricted double maxWidth);
@@ -1238,7 +1330,8 @@
attribute unrestricted double lineDashOffset;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface CanvasTextDrawingStyles {
// text
attribute DOMString font; // (default 10px sans-serif)
@@ -1274,6 +1367,7 @@
void setTransform(optional DOMMatrix2DInit transform);
};
+[Exposed=Window]
interface TextMetrics {
// x-direction
readonly attribute double width; // advance width
@@ -1312,6 +1406,7 @@
};
Path2D implements CanvasPath;
+[Exposed=Window]
interface ImageBitmapRenderingContext {
readonly attribute HTMLCanvasElement canvas;
void transferFromImageBitmap(ImageBitmap? bitmap);
@@ -1363,6 +1458,7 @@
OffscreenCanvasRenderingContext2D implements CanvasPath;
+[Exposed=Window]
interface CustomElementRegistry {
[CEReactions] void define(DOMString name, Function constructor, optional ElementDefinitionOptions options);
any get(DOMString name);
@@ -1373,13 +1469,15 @@
DOMString extends;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface ElementContentEditable {
[CEReactions] attribute DOMString contentEditable;
readonly attribute boolean isContentEditable;
};
-[Constructor, Exposed=(Window)]
+[Exposed=Window,
+ Constructor]
interface DataTransfer {
attribute DOMString dropEffect;
attribute DOMString effectAllowed;
@@ -1396,6 +1494,7 @@
[SameObject] readonly attribute FileList files;
};
+[Exposed=Window]
interface DataTransferItemList {
readonly attribute unsigned long length;
getter DataTransferItem (unsigned long index);
@@ -1405,6 +1504,7 @@
void clear();
};
+[Exposed=Window]
interface DataTransferItem {
readonly attribute DOMString kind;
readonly attribute DOMString type;
@@ -1414,7 +1514,8 @@
callback FunctionStringCallback = void (DOMString data);
-[Constructor(DOMString type, optional DragEventInit eventInitDict)]
+[Exposed=Window,
+ Constructor(DOMString type, optional DragEventInit eventInitDict)]
interface DragEvent : MouseEvent {
readonly attribute DataTransfer? dataTransfer;
};
@@ -1482,13 +1583,16 @@
callback FrameRequestCallback = void (DOMHighResTimeStamp time);
+[Exposed=Window]
interface BarProp {
readonly attribute boolean visible;
};
enum ScrollRestoration { "auto", "manual" };
+[Exposed=Window]
interface History {
+ readonly attribute unsigned long index;
readonly attribute unsigned long length;
attribute ScrollRestoration scrollRestoration;
readonly attribute any state;
@@ -1499,6 +1603,7 @@
void replaceState(any data, DOMString title, optional USVString? url = null);
};
+[Exposed=Window]
interface Location { // but see also additional creation steps and overridden internal methods
[Unforgeable] stringifier attribute USVString href;
[Unforgeable] readonly attribute USVString origin;
@@ -1517,7 +1622,8 @@
[Unforgeable, SameObject] readonly attribute DOMStringList ancestorOrigins;
};
-[Constructor(DOMString type, optional PopStateEventInit eventInitDict)]
+[Exposed=Window,
+ Constructor(DOMString type, optional PopStateEventInit eventInitDict)]
interface PopStateEvent : Event {
readonly attribute any state;
};
@@ -1526,7 +1632,8 @@
any state = null;
};
-[Constructor(DOMString type, optional HashChangeEventInit eventInitDict)]
+[Exposed=Window,
+ Constructor(DOMString type, optional HashChangeEventInit eventInitDict)]
interface HashChangeEvent : Event {
readonly attribute USVString oldURL;
readonly attribute USVString newURL;
@@ -1537,7 +1644,8 @@
USVString newURL = "";
};
-[Constructor(DOMString type, optional PageTransitionEventInit eventInitDict)]
+[Exposed=Window,
+ Constructor(DOMString type, optional PageTransitionEventInit eventInitDict)]
interface PageTransitionEvent : Event {
readonly attribute boolean persisted;
};
@@ -1546,10 +1654,12 @@
boolean persisted = false;
};
+[Exposed=Window]
interface BeforeUnloadEvent : Event {
attribute DOMString returnValue;
};
+[Exposed=Window]
interface ApplicationCache : EventTarget {
// update status
@@ -1622,7 +1732,8 @@
callback OnBeforeUnloadEventHandlerNonNull = DOMString? (Event event);
typedef OnBeforeUnloadEventHandlerNonNull? OnBeforeUnloadEventHandler;
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface GlobalEventHandlers {
attribute EventHandler onabort;
attribute EventHandler onauxclick;
@@ -1688,7 +1799,8 @@
attribute EventHandler onwaiting;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface WindowEventHandlers {
attribute EventHandler onafterprint;
attribute EventHandler onbeforeprint;
@@ -1708,7 +1820,8 @@
attribute EventHandler onunload;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface DocumentAndElementEventHandlers {
attribute EventHandler oncopy;
attribute EventHandler oncut;
@@ -1723,7 +1836,7 @@
// base64 utility methods
DOMString btoa(DOMString data);
- DOMString atob(DOMString data);
+ ByteString atob(DOMString data);
// timers
long setTimeout(TimerHandler handler, optional long timeout = 0, any... arguments);
@@ -1738,6 +1851,7 @@
Window implements WindowOrWorkerGlobalScope;
WorkerGlobalScope implements WindowOrWorkerGlobalScope;
+[Exposed=Window]
interface Navigator {
// objects implementing this interface also implement the interfaces given below
};
@@ -1775,25 +1889,29 @@
readonly attribute FrozenArray<DOMString> languages;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface NavigatorContentUtils {
void registerProtocolHandler(DOMString scheme, USVString url, DOMString title);
void unregisterProtocolHandler(DOMString scheme, USVString url);
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface NavigatorCookies {
readonly attribute boolean cookieEnabled;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface NavigatorPlugins {
[SameObject] readonly attribute PluginArray plugins;
[SameObject] readonly attribute MimeTypeArray mimeTypes;
boolean javaEnabled();
};
-[LegacyUnenumerableNamedProperties]
+[Exposed=Window,
+ LegacyUnenumerableNamedProperties]
interface PluginArray {
void refresh(optional boolean reload = false);
readonly attribute unsigned long length;
@@ -1801,14 +1919,16 @@
getter Plugin? namedItem(DOMString name);
};
-[LegacyUnenumerableNamedProperties]
+[Exposed=Window,
+ LegacyUnenumerableNamedProperties]
interface MimeTypeArray {
readonly attribute unsigned long length;
getter MimeType? item(unsigned long index);
getter MimeType? namedItem(DOMString name);
};
-[LegacyUnenumerableNamedProperties]
+[Exposed=Window,
+ LegacyUnenumerableNamedProperties]
interface Plugin {
readonly attribute DOMString name;
readonly attribute DOMString description;
@@ -1818,6 +1938,7 @@
getter MimeType? namedItem(DOMString name);
};
+[Exposed=Window]
interface MimeType {
readonly attribute DOMString type;
readonly attribute DOMString description;
@@ -1850,7 +1971,7 @@
ResizeQuality resizeQuality = "low";
};
-[Constructor(DOMString type, optional MessageEventInit eventInitDict), Exposed=(Window,Worker)]
+[Constructor(DOMString type, optional MessageEventInit eventInitDict), Exposed=(Window,Worker,AudioWorklet)]
interface MessageEvent : Event {
readonly attribute any data;
readonly attribute USVString origin;
@@ -1942,7 +2063,7 @@
readonly attribute MessagePort port2;
};
-[Exposed=(Window,Worker), Transferable]
+[Exposed=(Window,Worker,AudioWorklet), Transferable]
interface MessagePort : EventTarget {
void postMessage(any message, optional sequence<object> transfer = []);
void start();
@@ -2054,6 +2175,7 @@
readonly attribute USVString hash;
};
+[Exposed=Window]
interface Storage {
readonly attribute unsigned long length;
DOMString? key(unsigned long index);
@@ -2063,19 +2185,22 @@
void clear();
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface WindowSessionStorage {
readonly attribute Storage sessionStorage;
};
Window implements WindowSessionStorage;
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface WindowLocalStorage {
readonly attribute Storage localStorage;
};
Window implements WindowLocalStorage;
-[Constructor(DOMString type, optional StorageEventInit eventInitDict)]
+[Exposed=Window,
+ Constructor(DOMString type, optional StorageEventInit eventInitDict)]
interface StorageEvent : Event {
readonly attribute DOMString? key;
readonly attribute DOMString? oldValue;
@@ -2092,22 +2217,8 @@
Storage? storageArea = null;
};
-// Note: intentionally not [HTMLConstructor]
-interface HTMLAppletElement : HTMLElement {
- attribute DOMString align;
- attribute DOMString alt;
- attribute DOMString archive;
- attribute DOMString code;
- attribute USVString codeBase;
- attribute DOMString height;
- attribute unsigned long hspace;
- attribute DOMString name;
- attribute USVString _object; // the underscore is not part of the identifier
- attribute unsigned long vspace;
- attribute DOMString width;
-};
-
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLMarqueeElement : HTMLElement {
[CEReactions] attribute DOMString behavior;
[CEReactions] attribute DOMString bgColor;
@@ -2129,14 +2240,16 @@
void stop();
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLFrameSetElement : HTMLElement {
[CEReactions] attribute DOMString cols;
[CEReactions] attribute DOMString rows;
};
HTMLFrameSetElement implements WindowEventHandlers;
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLFrameElement : HTMLElement {
[CEReactions] attribute DOMString name;
[CEReactions] attribute DOMString scrolling;
@@ -2188,7 +2301,8 @@
[CEReactions] attribute DOMString width;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLDirectoryElement : HTMLElement {
[CEReactions] attribute boolean compact;
};
@@ -2206,7 +2320,8 @@
[CEReactions] attribute DOMString name;
};
-[HTMLConstructor]
+[Exposed=Window,
+ HTMLConstructor]
interface HTMLFontElement : HTMLElement {
[CEReactions] attribute [TreatNullAs=EmptyString] DOMString color;
[CEReactions] attribute DOMString face;
@@ -2309,6 +2424,7 @@
};
partial interface HTMLScriptElement {
+ [CEReactions] attribute DOMString charset;
[CEReactions] attribute DOMString event;
[CEReactions] attribute DOMString htmlFor;
};
@@ -2385,7 +2501,8 @@
[Replaceable, SameObject] readonly attribute External external;
};
-[NoInterfaceObject]
+[Exposed=Window,
+ NoInterfaceObject]
interface External {
void AddSearchProvider();
void IsSearchProviderInstalled();
diff --git a/mediacapture-streams/MediaStream-default-feature-policy.https.sub.html b/mediacapture-streams/MediaStream-default-feature-policy.https.html
similarity index 90%
rename from mediacapture-streams/MediaStream-default-feature-policy.https.sub.html
rename to mediacapture-streams/MediaStream-default-feature-policy.https.html
index 1f48e85..12e6492 100644
--- a/mediacapture-streams/MediaStream-default-feature-policy.https.sub.html
+++ b/mediacapture-streams/MediaStream-default-feature-policy.https.html
@@ -2,8 +2,8 @@
<body>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
+ <script src=/common/get-host-info.sub.js></script>
<script src=/feature-policy/resources/featurepolicy.js></script>
- <script src=util/utils.js></script>
<script>
'use strict';
@@ -33,8 +33,9 @@
});
};
+ var cross_domain = get_host_info().HTTPS_REMOTE_ORIGIN;
run_all_fp_tests_allow_self(
- 'https://{{domains[www]}}:{{ports[https][0]}}',
+ cross_domain,
'microphone',
'[object NavigatorUserMediaError]',
function() {
@@ -42,7 +43,7 @@
});
run_all_fp_tests_allow_self(
- 'https://{{domains[www]}}:{{ports[https][0]}}',
+ cross_domain,
'camera',
'[object NavigatorUserMediaError]',
function() {
@@ -50,7 +51,7 @@
});
run_all_fp_tests_allow_self(
- 'https://{{domains[www]}}:{{ports[https][0]}}',
+ cross_domain,
'camera; microphone',
'[object NavigatorUserMediaError]',
function() {
diff --git a/mediacapture-streams/MediaStreamTrack-idl.https.html b/mediacapture-streams/MediaStreamTrack-idl.https.html
new file mode 100644
index 0000000..5164d99
--- /dev/null
+++ b/mediacapture-streams/MediaStreamTrack-idl.https.html
@@ -0,0 +1,52 @@
+<!doctype html>
+<title>MediaStreamTrack IDL tests</title>
+<link rel="help" href="https://w3c.github.io/mediacapture-main/#media-stream-track-interface-definition">
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/resources/WebIDLParser.js></script>
+<script src=/resources/idlharness.js></script>
+<script>
+function idl_test([dom_idl, stream]) {
+ const idl_array = new IdlArray();
+
+ idl_array.add_untested_idls(dom_idl);
+ idl_array.add_untested_idls('interface EventHandler {};');
+ idl_array.add_idls("interface MediaStreamTrack : EventTarget {\
+ readonly attribute DOMString kind;\
+ readonly attribute DOMString id;\
+ readonly attribute DOMString label;\
+ attribute boolean enabled;\
+ readonly attribute boolean muted;\
+ attribute EventHandler onmute;\
+ attribute EventHandler onunmute;\
+ readonly attribute MediaStreamTrackState readyState;\
+ attribute EventHandler onended;\
+ attribute EventHandler onoverconstrained;\
+ MediaStreamTrack clone ();\
+ void stop ();\
+ MediaTrackCapabilities getCapabilities ();\
+ MediaTrackConstraints getConstraints ();\
+ MediaTrackSettings getSettings ();\
+ Promise<void> applyConstraints (optional MediaTrackConstraints constraints);\
+};\
+\
+enum MediaStreamTrackState {\
+ \"live\",\
+ \"ended\"\
+};");
+
+ self.track = stream.getTracks()[0];
+ idl_array.add_objects({MediaStreamTrack: ["track"]});
+
+ idl_array.test();
+}
+
+promise_test(() => {
+ return Promise.all([
+ fetch("/interfaces/dom.idl").then(response => response.text()),
+ navigator.mediaDevices.getUserMedia({audio: true}),
+ ]).then(idl_test);
+}, "Test driver")
+</script>
+</body>
+</html>
diff --git a/mediacapture-streams/MediaStreamTrack-init.https.html b/mediacapture-streams/MediaStreamTrack-init.https.html
index a51cb67..e3e5ada 100644
--- a/mediacapture-streams/MediaStreamTrack-init.https.html
+++ b/mediacapture-streams/MediaStreamTrack-init.https.html
@@ -18,53 +18,19 @@
<div id='log'></div>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
-<script src=/resources/WebIDLParser.js></script>
-<script src=/resources/idlharness.js></script>
<script>
-var t = async_test("Tests that the video MediaStreamTrack objects are properly initialized", {timeout:10000});
-var track = null
-var idl_array = new IdlArray();
-
-idl_array.add_idls("interface EventTarget {\
- void addEventListener(DOMString type, EventListener? callback, optional boolean capture = false);\
- void removeEventListener(DOMString type, EventListener? callback, optional boolean capture = false);\
- boolean dispatchEvent(Event event);\
-};");
-
-idl_array.add_idls("interface MediaStreamTrack : EventTarget {\
- readonly attribute DOMString kind;\
- readonly attribute DOMString id;\
- readonly attribute DOMString label;\
- attribute boolean enabled;\
- readonly attribute boolean muted;\
- attribute EventHandler onmute;\
- attribute EventHandler onunmute;\
- readonly attribute MediaStreamTrackState readyState;\
- attribute EventHandler onended;\
- attribute EventHandler onoverconstrained;\
- MediaStreamTrack clone ();\
- void stop ();\
- MediaTrackCapabilities getCapabilities ();\
- MediaTrackConstraints getConstraints ();\
- MediaTrackSettings getSettings ();\
- Promise<void> applyConstraints (optional MediaTrackConstraints constraints);\
-};");
-
-t.step(function () {
- navigator.mediaDevices.getUserMedia({video: true})
- .then(t.step_func(function (stream) {
+promise_test(() => {
+ return navigator.mediaDevices.getUserMedia({video: true})
+ .then(stream => {
var videoTracks = stream.getVideoTracks();
assert_equals(videoTracks.length, 1, "There is exactly one video track in the media stream");
track = videoTracks[0];
- idl_array.add_objects({MediaStreamTrack: ["track"]});
- idl_array.test();
assert_equals(track.readyState, "live", "The track object is in live state");
assert_equals(track.kind, "video", "The track object is of video kind");
// Not clear that this is required by the spec,
// see https://www.w3.org/Bugs/Public/show_bug.cgi?id=22212
assert_true(track.enabled, "The track object is enabed");
- t.done();
- }));
+ });
});
</script>
</body>
diff --git a/mediacapture-streams/OWNERS b/mediacapture-streams/OWNERS
index 2a9bbd3..25688fa 100644
--- a/mediacapture-streams/OWNERS
+++ b/mediacapture-streams/OWNERS
@@ -1,4 +1,5 @@
@agouaillard
@alvestrand
@dontcallmedom
+@eric-carlson
@youennf
diff --git a/pointerevents/pointerevent_support.js b/pointerevents/pointerevent_support.js
index 33f2667..0ed4010 100644
--- a/pointerevents/pointerevent_support.js
+++ b/pointerevents/pointerevent_support.js
@@ -155,14 +155,14 @@
}
function updateDescriptionSecondStepTouchActionElement(target, scrollReturnInterval) {
- window.setTimeout(function() {
+ window.step_timeout(function() {
objectScroller(target, 'up', 0);}
, scrollReturnInterval);
document.getElementById('desc').innerHTML = "Test Description: Try to scroll element RIGHT moving your outside of the red border";
}
function updateDescriptionThirdStepTouchActionElement(target, scrollReturnInterval) {
- window.setTimeout(function() {
+ window.step_timeout(function() {
objectScroller(target, 'left', 0);}
, scrollReturnInterval);
document.getElementById('desc').innerHTML = "Test Description: Try to scroll element DOWN then RIGHT starting your touch inside of the element. Then tap complete button";
diff --git a/tools/ci/jobs.py b/tools/ci/jobs.py
index 07bebae..9ec29a8 100644
--- a/tools/ci/jobs.py
+++ b/tools/ci/jobs.py
@@ -123,4 +123,4 @@
for item in sorted(jobs):
print(item)
else:
- return 0 if set(kwargs["includes"]) == jobs else 1
+ return 0 if set(kwargs["includes"]).issubset(jobs) else 1
diff --git a/tools/ci/tests/test_jobs.py b/tools/ci/tests/test_jobs.py
index 908c6e2..1b1ed36 100644
--- a/tools/ci/tests/test_jobs.py
+++ b/tools/ci/tests/test_jobs.py
@@ -2,6 +2,7 @@
default_jobs = set(["lint", "manifest_upload"])
+
def test_testharness():
assert jobs.get_jobs(["resources/testharness.js"]) == default_jobs | set(["resources_unittest"])
assert jobs.get_jobs(["resources/testharness.js"],
@@ -9,6 +10,7 @@
assert jobs.get_jobs(["foo/resources/testharness.js"],
includes=["resources_unittest"]) == set()
+
def test_stability():
assert jobs.get_jobs(["dom/historical.html"],
includes=["stability"]) == set(["stability"])
diff --git a/tools/serve/serve.py b/tools/serve/serve.py
index 96417c3..886553b 100644
--- a/tools/serve/serve.py
+++ b/tools/serve/serve.py
@@ -279,7 +279,7 @@
import logging
global logger
logger = logging.getLogger("web-platform-tests")
- logging.basicConfig(level=getattr(logging, level.upper()))
+ logger.setLevel(getattr(logging, level.upper()))
set_logger(logger)
diff --git a/tools/wpt/commands.json b/tools/wpt/commands.json
index 1ab767f..2e4b96f 100644
--- a/tools/wpt/commands.json
+++ b/tools/wpt/commands.json
@@ -5,5 +5,6 @@
"help": "Get a list of files that have changed", "virtualenv": false},
"tests-affected": {"path": "testfiles.py", "script": "run_tests_affected", "parser": "get_parser_affected",
"help": "Get a list of tests affected by changes", "virtualenv": false},
- "install": {"path": "install.py", "script": "run", "parser": "get_parser", "help": "Install browser components"}
+ "install": {"path": "install.py", "script": "run", "parser": "get_parser", "help": "Install browser components"},
+ "branch-point": {"path": "testfiles.py", "script": "display_branch_point", "parser": null, "help": "Print branch point from master", "virtualenv": false}
}
diff --git a/tools/wpt/testfiles.py b/tools/wpt/testfiles.py
index 89e6e27..519a958 100644
--- a/tools/wpt/testfiles.py
+++ b/tools/wpt/testfiles.py
@@ -27,9 +27,17 @@
return git
+def display_branch_point():
+ print(branch_point())
+
+
def branch_point():
git = get_git_cmd(wpt_root)
- if os.environ.get("TRAVIS_PULL_REQUEST", "false") != "false":
+ if (os.environ.get("TRAVIS_PULL_REQUEST", "false") == "false" and
+ os.environ.get("TRAVIS_BRANCH") == "master"):
+ # For builds on the master branch just return the HEAD commit
+ return git("rev-parse", "HEAD")
+ elif os.environ.get("TRAVIS_PULL_REQUEST", "false") != "false":
# This is a PR, so the base branch is in TRAVIS_BRANCH
travis_branch = os.environ.get("TRAVIS_BRANCH")
assert travis_branch, "TRAVIS_BRANCH environment variable is defined"
diff --git a/tools/wpt/wpt.py b/tools/wpt/wpt.py
index cf94ce0..49f463d 100644
--- a/tools/wpt/wpt.py
+++ b/tools/wpt/wpt.py
@@ -1,6 +1,7 @@
import argparse
-import os
import json
+import logging
+import os
import sys
from tools import localpaths
@@ -89,6 +90,8 @@
def main(prog=None, argv=None):
+ logging.basicConfig(level=logging.INFO)
+
if prog is None:
prog = sys.argv[0]
if argv is None:
diff --git a/tools/wptrunner/wptrunner/testrunner.py b/tools/wptrunner/wptrunner/testrunner.py
index c4655b7..882ac20 100644
--- a/tools/wptrunner/wptrunner/testrunner.py
+++ b/tools/wptrunner/wptrunner/testrunner.py
@@ -157,6 +157,7 @@
self.started = False
self.init_timer = None
+ self.command_queue = command_queue
def update_settings(self, test):
browser_settings = self.browser.settings(test)
diff --git a/web-animations/interfaces/AnimationEffectTiming/iterationStart.html b/web-animations/interfaces/AnimationEffectTiming/iterationStart.html
index df3f992..ed2d0e0 100644
--- a/web-animations/interfaces/AnimationEffectTiming/iterationStart.html
+++ b/web-animations/interfaces/AnimationEffectTiming/iterationStart.html
@@ -25,7 +25,7 @@
duration: 100,
delay: 1 });
anim.effect.timing.iterationStart = 2.5;
- assert_equals(anim.effect.getComputedTiming().progress, 0.5);
+ assert_times_equal(anim.effect.getComputedTiming().progress, 0.5);
assert_equals(anim.effect.getComputedTiming().currentIteration, 2);
}, 'Test that changing the iterationStart affects computed timing ' +
'when backwards-filling');
@@ -39,7 +39,7 @@
duration: 100,
delay: 0 });
anim.effect.timing.iterationStart = 2.5;
- assert_equals(anim.effect.getComputedTiming().progress, 0.5);
+ assert_times_equal(anim.effect.getComputedTiming().progress, 0.5);
assert_equals(anim.effect.getComputedTiming().currentIteration, 2);
}, 'Test that changing the iterationStart affects computed timing ' +
'during the active phase');
@@ -54,7 +54,7 @@
delay: 0 });
anim.finish();
anim.effect.timing.iterationStart = 2.5;
- assert_equals(anim.effect.getComputedTiming().progress, 0.5);
+ assert_times_equal(anim.effect.getComputedTiming().progress, 0.5);
assert_equals(anim.effect.getComputedTiming().currentIteration, 3);
}, 'Test that changing the iterationStart affects computed timing ' +
'when forwards-filling');
diff --git a/web-animations/resources/effect-tests.js b/web-animations/resources/effect-tests.js
index 5d0f618..4a0c66e 100644
--- a/web-animations/resources/effect-tests.js
+++ b/web-animations/resources/effect-tests.js
@@ -17,6 +17,11 @@
// }
//
function assert_computed_timing_for_each_phase(animation, property, values) {
+ // Some computed timing properties (e.g. 'progress') require floating-point
+ // comparison, whilst exact equality suffices for others.
+ const assert_property_equals =
+ (property === 'progress') ? assert_times_equal : assert_equals;
+
const effect = animation.effect;
const timing = effect.getComputedTiming();
@@ -33,8 +38,8 @@
} else {
animation.currentTime = beforeActive;
}
- assert_equals(effect.getComputedTiming()[property], values.before,
- `Value of ${property} in the before phase`);
+ assert_property_equals(effect.getComputedTiming()[property], values.before,
+ `Value of ${property} in the before phase`);
// Active phase
if (effect.getComputedTiming().activeDuration > 0) {
@@ -43,8 +48,8 @@
} else {
animation.currentTime = activeAfter;
}
- assert_equals(effect.getComputedTiming()[property], values.activeBoundary,
- `Value of ${property} at the boundary of the active phase`);
+ assert_property_equals(effect.getComputedTiming()[property], values.activeBoundary,
+ `Value of ${property} at the boundary of the active phase`);
} else {
assert_equals(values.activeBoundary, undefined,
'Test specifies a value to check during the active phase but'
@@ -58,8 +63,8 @@
} else {
animation.currentTime = activeAfter + 1;
}
- assert_equals(effect.getComputedTiming()[property], values.after,
- `Value of ${property} in the after phase`);
+ assert_property_equals(effect.getComputedTiming()[property], values.after,
+ `Value of ${property} in the after phase`);
} else {
assert_equals(values.after, undefined,
'Test specifies a value to check during the after phase but'
