<!DOCTYPE html>
<html>
<head>
<title>Unauthenticated origin is insecure</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/get-host-info.js"></script>
</head>
<body>
<script>
if (window.location.origin != get_host_info().UNAUTHENTICATED_ORIGIN) {
window.location = get_host_info().UNAUTHENTICATED_ORIGIN +
window.location.pathname;
} else {
test(function () {
assert_equals(window.location.origin, get_host_info().UNAUTHENTICATED_ORIGIN, "Sanity check the test runner.");
assert_false(window.isSecureContext);
}, "unauthenticated origin is insecure.");
async_test(function (t) {
var messages = 0;
window.addEventListener("message", t.step_func(function (e) {
assert_false(e.data.isSecureContext);
messages++;
if (messages >= 2)
t.done();
}), false);
var i1 = document.createElement("iframe");
i1.src = get_host_info().HTTP_REMOTE_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html";
document.body.appendChild(i1);
var i2 = document.createElement("iframe");
i2.src = get_host_info().HTTPS_REMOTE_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html";
document.body.appendChild(i2);
}, "Frames are insecure");
}
</script>
</body>
</html>
Codebase Browser
chromium