third_party/WebKit/LayoutTests/http/tests/security/powerfulFeatureRestrictions/old-powerful-features-on-insecure-origin.html - chromium/src - Git at Google

 <!DOCTYPE html>
 <html manifest="/security/powerfulFeatureRestrictions/resources/simple.manifest">
 <head>
 <title>Old Powerful Features on an Insecure Origin</title>
 </head>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/resources/get-host-info.js"></script>

 <body>
 <div id="target"></div>
 <script>
 if (window.location.origin != get_host_info().UNAUTHENTICATED_ORIGIN) {
     window.location = get_host_info().UNAUTHENTICATED_ORIGIN + window.location.pathname;
 } else {
     if (!window.internals)
         assert_unreached('window.internals is required for this test');

     // Tests for APIs that are deprecated, but still allowed, on
     // insecure origins
     async_test(function() {
         testRunner.setMockDeviceMotion(true, 0, true, 0, true, 0,
                                        true, 0, true, 0, true, 0,
                                        true, 0, true, 0, true, 0,
                                        0);
         window.addEventListener('devicemotion', this.step_func_done());
     }, 'device motion');

     async_test(function() {
         testRunner.setMockDeviceOrientation(11.1, 22.2, 33.3, true);
         window.addEventListener('deviceorientation', this.step_func_done());
     }, 'device orientation');

     // Tests for APIs that have been turned off on insecure origins
     async_test(function() {
         navigator.geolocation.getCurrentPosition(
             this.unreached_func('getCurrentPosition should fail, but succeeded.'),
             this.step_func_done(function(error) {
                 assert_equals(error.code, error.PERMISSION_DENIED);
             }));
     }, 'getCurrentPosition');

     // Note that the deprecation message for watchPosition() will be suppressed
     // because it is an exact duplicate of the getCurrentPosition() message.
     // Thus, this test is really to confirm that it still executes (and fails).
     async_test(function() {
         navigator.geolocation.watchPosition(
             this.unreached_func('watchPosition should fail, but succeeded.'),
             this.step_func_done(function(error) {
                 assert_equals(error.code, error.PERMISSION_DENIED);
             }));
     }, 'watchPosition');

     async_test(function() {
         navigator.webkitGetUserMedia({ audio: true, video: true },
             this.unreached_func('navigator.webkitGetUserMedia should call the error callback, but called the success callback instead.'),
             this.step_func_done());
     }, 'navigator.webkitGetUserMedia');

     promise_test(function(test) {
         return navigator.mediaDevices.getUserMedia({audio: true, video: true}).then(
             test.unreached_func("navigator.mediaDevices.getUserMedia should reject the promise, but resolved instead."),
             function(error) {
                 assert_equals(error.name, "NotSupportedError");
                 assert_equals(error.message, "Only secure origins are allowed (see: https://goo.gl/Y0ZkNV).");
             });
     }, 'navigator.mediaDevices.getUserMedia');

     async_test(function() {
         var cached = this.step_func(function() {
             var test = this;
             fetch("/security/powerfulFeatureRestrictions/resources/simple.txt")
                 .then(this.step_func(function(response) {
                     assert_equals(response.status, 200);
                     response.text().then(this.step_func_done(function(data) {
                         assert_equals(data, "Hello, World!");
                     }));
                 }))
                 .catch(this.unreached_func("fetch() for cachable resource unexpectedly failed"));
         });

         applicationCache.addEventListener('cached', cached, false);
     }, 'appcache');

     test(function() {
       assert_false('requestMediaKeySystemAccess' in navigator);
     }, 'requestMediaKeySystemAccess');
 }
 </script>
 </body>
 </html>
	<!DOCTYPE html>
	<html manifest="/security/powerfulFeatureRestrictions/resources/simple.manifest">
	<head>
	<title>Old Powerful Features on an Insecure Origin</title>
	</head>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/resources/get-host-info.js"></script>

	<body>
	<div id="target"></div>
	<script>
	if (window.location.origin != get_host_info().UNAUTHENTICATED_ORIGIN) {
	window.location = get_host_info().UNAUTHENTICATED_ORIGIN + window.location.pathname;
	} else {
	if (!window.internals)
	assert_unreached('window.internals is required for this test');

	// Tests for APIs that are deprecated, but still allowed, on
	// insecure origins
	async_test(function() {
	testRunner.setMockDeviceMotion(true, 0, true, 0, true, 0,
	true, 0, true, 0, true, 0,
	true, 0, true, 0, true, 0,
	0);
	window.addEventListener('devicemotion', this.step_func_done());
	}, 'device motion');

	async_test(function() {
	testRunner.setMockDeviceOrientation(11.1, 22.2, 33.3, true);
	window.addEventListener('deviceorientation', this.step_func_done());
	}, 'device orientation');

	// Tests for APIs that have been turned off on insecure origins
	async_test(function() {
	navigator.geolocation.getCurrentPosition(
	this.unreached_func('getCurrentPosition should fail, but succeeded.'),
	this.step_func_done(function(error) {
	assert_equals(error.code, error.PERMISSION_DENIED);
	}));
	}, 'getCurrentPosition');

	// Note that the deprecation message for watchPosition() will be suppressed
	// because it is an exact duplicate of the getCurrentPosition() message.
	// Thus, this test is really to confirm that it still executes (and fails).
	async_test(function() {
	navigator.geolocation.watchPosition(
	this.unreached_func('watchPosition should fail, but succeeded.'),
	this.step_func_done(function(error) {
	assert_equals(error.code, error.PERMISSION_DENIED);
	}));
	}, 'watchPosition');

	async_test(function() {
	navigator.webkitGetUserMedia({ audio: true, video: true },
	this.unreached_func('navigator.webkitGetUserMedia should call the error callback, but called the success callback instead.'),
	this.step_func_done());
	}, 'navigator.webkitGetUserMedia');

	promise_test(function(test) {
	return navigator.mediaDevices.getUserMedia({audio: true, video: true}).then(
	test.unreached_func("navigator.mediaDevices.getUserMedia should reject the promise, but resolved instead."),
	function(error) {
	assert_equals(error.name, "NotSupportedError");
	assert_equals(error.message, "Only secure origins are allowed (see: https://goo.gl/Y0ZkNV).");
	});
	}, 'navigator.mediaDevices.getUserMedia');

	async_test(function() {
	var cached = this.step_func(function() {
	var test = this;
	fetch("/security/powerfulFeatureRestrictions/resources/simple.txt")
	.then(this.step_func(function(response) {
	assert_equals(response.status, 200);
	response.text().then(this.step_func_done(function(data) {
	assert_equals(data, "Hello, World!");
	}));
	}))
	.catch(this.unreached_func("fetch() for cachable resource unexpectedly failed"));
	});

	applicationCache.addEventListener('cached', cached, false);
	}, 'appcache');

	test(function() {
	assert_false('requestMediaKeySystemAccess' in navigator);
	}, 'requestMediaKeySystemAccess');
	}
	</script>
	</body>
	</html>