| <!DOCTYPE html> |
| <html> |
| <head> |
| <title>Unauthenticated origin is insecure</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharness-helpers.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="/resources/get-host-info.js"></script> |
| </head> |
| <body> |
| <script> |
| if (window.location.origin != get_host_info().UNAUTHENTICATED_ORIGIN) { |
| window.location = get_host_info().UNAUTHENTICATED_ORIGIN + |
| window.location.pathname; |
| } else { |
| test(function () { |
| assert_equals(window.location.origin, get_host_info().UNAUTHENTICATED_ORIGIN, "Sanity check the test runner."); |
| assert_false(window.isSecureContext); |
| }, "unauthenticated origin is insecure."); |
| |
| async_test(function (t) { |
| var messages = 0; |
| window.addEventListener("message", t.step_func(function (e) { |
| assert_false(e.data.isSecureContext); |
| messages++; |
| if (messages >= 2) |
| t.done(); |
| }), false); |
| |
| var i1 = document.createElement("iframe"); |
| i1.src = get_host_info().UNAUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html"; |
| document.body.appendChild(i1); |
| |
| var i2 = document.createElement("iframe"); |
| i2.src = get_host_info().AUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html"; |
| document.body.appendChild(i2); |
| }, "Frames are insecure"); |
| } |
| </script> |
| </body> |
| </html> |