Google Git
Sign in
chromium / external / github.com / web-platform-tests / wpt / refs/heads/DOMParser-interface / . / fetch / metadata / generated / css-images.sub.tentative.html
blob: 2f6f2f75f1b9a027dc441577b8547ba87edee231 [file] [log] [blame] [edit]
<!DOCTYPE html>
<!--
This test was procedurally generated. Please do not modify it directly.
Sources:
- fetch/metadata/tools/fetch-metadata.conf.yml
- fetch/metadata/tools/templates/css-images.sub.html
-->
<html lang="en">
<meta charset="utf-8">
<meta name="timeout" content="long">
<title>HTTP headers on request for CSS image-accepting properties</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/fetch/metadata/resources/helper.sub.js"></script>
<body>
<script>
'use strict';
/**
* The subtests in this file use an iframe to induce requests for CSS
* resources because an iframe's `onload` event is the most direct and
* generic mechanism to detect loading of CSS resources. As an optimization,
* the subtests share the same iframe and document.
*/
const declarations = [];
const iframe = document.createElement('iframe');
const whenIframeReady = new Promise((resolve, reject) => {
iframe.onload = resolve;
iframe.onerror = reject;
});
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-site - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-site - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-site - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-site - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-site - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-site - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-site - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-site - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-site - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-site - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-site - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-site - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-site - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-site - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-site - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-mode - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-mode - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-mode - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-mode - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-mode - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-mode - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-mode - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-mode - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-mode - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-mode - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-mode - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-mode - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-mode - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-mode - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-mode');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-mode - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-dest - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-dest - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-dest - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-dest - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-dest - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-dest - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-dest - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-dest - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-dest - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-dest - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-dest - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-dest - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-dest - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-dest - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-dest');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-dest - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-user - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-user - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-user - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-user - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-user - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-user - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-user - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-user - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-user - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-user - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-user - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-user - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-user - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-user - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-user');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-user - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-storage-access - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-storage-access - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-storage-access - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-storage-access - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpSameSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-storage-access - Not sent to non-trustworthy same-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpCrossSite']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-storage-access');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-site - HTTPS downgrade (header not sent)');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-site - HTTPS downgrade (header not sent)');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-site - HTTPS downgrade (header not sent)');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-site - HTTPS downgrade (header not sent)');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_not_own_property(headers, 'sec-fetch-site');
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-site - HTTPS downgrade (header not sent)');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_equals(headers['sec-fetch-site'], 'cross-site');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-site - HTTPS upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-site - HTTPS upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-site - HTTPS upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-site - HTTPS upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-site - HTTPS upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']);
declarations.push(`background-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_equals(headers['sec-fetch-site'], 'cross-site');
})
.then(t.step_func_done(), (error) => t.unreached_func());
}, 'background-image sec-fetch-site - HTTPS downgrade-upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']);
declarations.push(`border-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'border-image sec-fetch-site - HTTPS downgrade-upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']);
declarations.push(`content: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'content sec-fetch-site - HTTPS downgrade-upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']);
declarations.push(`cursor: url("${url}"), auto;`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'cursor sec-fetch-site - HTTPS downgrade-upgrade');
async_test((t) => {
const key = '{{uuid()}}';
const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']);
declarations.push(`list-style-image: url("${url}");`);
whenIframeReady
.then(() => retrieve(key))
.then((headers) => {
assert_own_property(headers, 'sec-fetch-site');
assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
})
.then(t.step_func_done(), t.unreached_func());
}, 'list-style-image sec-fetch-site - HTTPS downgrade-upgrade');
iframe.srcdoc = declarations.map((declaration, index) => `
<style>.el${index} { ${declaration} }</style><div class="el${index}"></div>`
).join('');
document.body.appendChild(iframe);
</script>
</body>
</html>