blob: 7ec60857b8ae2de596bb602a9d6aed3ab7b51302 [file] [log] [blame]
# These tests currently fail when run with --enable-browser-side-navigation
# See https://crbug.com/576261
# These tests are flaky.
Bug(none) http/tests/security/popup-allowed-by-sandbox-can-navigate.html [ Failure ]
Bug(none) virtual/outofblink-cors/http/tests/security/popup-allowed-by-sandbox-can-navigate.html [ Failure ]
Bug(none) virtual/outofblink-cors-ns/http/tests/security/popup-allowed-by-sandbox-can-navigate.html [ Failure ]
# Not disclosing |source_location| and/or |blocked url| between cross-origin
# renderers when a CSP policy is violated regresses the quality of console
# error messages.
Bug(718942) http/tests/misc/onload-detach-during-csp-frame-src-none.html [ Failure ]
Bug(718942) http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html [ Failure ]
Bug(718942) http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked.html [ Failure ]
Bug(718942) http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load.html [ Failure ]
Bug(718942) virtual/outofblink-cors/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html [ Failure ]
Bug(718942) virtual/outofblink-cors/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked.html [ Failure ]
Bug(718942) virtual/outofblink-cors/http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load.html [ Failure ]
Bug(718942) virtual/outofblink-cors-ns/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html [ Failure ]
Bug(718942) virtual/outofblink-cors-ns/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked.html [ Failure ]
Bug(718942) virtual/outofblink-cors-ns/http/tests/security/contentSecurityPolicy/frame-src-cross-origin-load.html [ Failure ]
# Console error message source location is present with PlzNavigate. It means
# that URLs are potentially disclosed across cross-origin renderers.
# See https://crbug.com/726178.
# One solution would be to send console messages from the browser to the
# devtool process without the round-trip in the renderer.
# See https://crbug.com/721329
Bug(726178) http/tests/security/mixedContent/insecure-frame-in-data-iframe-in-main-frame-blocked.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/insecure-iframe-in-iframe.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/insecure-iframe-in-main-frame-allowed.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/insecure-iframe-in-main-frame-blocked.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/insecure-iframe-in-main-frame.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/nonwebby-scheme-in-iframe-allowed.https.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame.html [ Failure ]
Bug(726178) http/tests/security/mixedContent/redirect-https-to-http-iframe-in-main-frame.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/insecure-frame-in-data-iframe-in-main-frame-blocked.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/insecure-iframe-in-iframe.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/insecure-iframe-in-main-frame-allowed.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/insecure-iframe-in-main-frame-blocked.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/insecure-iframe-in-main-frame.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/nonwebby-scheme-in-iframe-allowed.https.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame.html [ Failure ]
Bug(726178) virtual/outofblink-cors/http/tests/security/mixedContent/redirect-https-to-http-iframe-in-main-frame.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/insecure-frame-in-data-iframe-in-main-frame-blocked.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/insecure-iframe-in-iframe.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/insecure-iframe-in-main-frame-allowed.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/insecure-iframe-in-main-frame-blocked.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/insecure-iframe-in-main-frame.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/nonwebby-scheme-in-iframe-allowed.https.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame.html [ Failure ]
Bug(726178) virtual/outofblink-cors-ns/http/tests/security/mixedContent/redirect-https-to-http-iframe-in-main-frame.html [ Failure ]
# ------------------------------------------------------------
# These tests are correct with PlzNavigate but not without it
# ------------------------------------------------------------
# Without PlzNavigate, the line number of the console message is missing when
# there is a redirect.
Bug(none) http/tests/security/contentSecurityPolicy/frame-src-redirect-blocked.html [ Failure ]
# The line number in CSP violation event should be hidden when it comes from a
# cross-origin iframe.
Bug(none) http/tests/security/contentSecurityPolicy/frame-src-child-frame-navigates-to-blocked-origin.html [ Failure ]