chromium/src/third_party/blink/web_tests/http/tests/security/secureContexts/unauthenticated_srcdoc.html - manifest_repos/chromium_src - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
     <title>Unauthenticated origin with srcdoc iframe is insecure</title>
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/resources/get-host-info.js"></script>
 </head>
 <body>
     <script>
         if (window.location.origin != get_host_info().UNAUTHENTICATED_ORIGIN) {
             window.location = get_host_info().UNAUTHENTICATED_ORIGIN +
                               window.location.pathname;
         } else {
             test(function () {
                 assert_equals(window.location.origin, get_host_info().UNAUTHENTICATED_ORIGIN, "Sanity check the test runner.");
                 assert_false(window.isSecureContext);
             }, "unauthenticated origin is insecure.");

             async_test(function (t) {
                 var messages = 0;
                 window.addEventListener("message", t.step_func(function (e) {
                     assert_false(e.data.isSecureContext);
                     messages++;
                     if (messages >= 2)
                         t.done();
                 }), false);

                 var i1 = document.createElement("iframe");
                 i1.srcdoc = "<iframe src='" + get_host_info().HTTP_REMOTE_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html" + "'></iframe>";
                 document.body.appendChild(i1);

                 var i2 = document.createElement("iframe");
                 i2.srcdoc = "<iframe src='" + get_host_info().AUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html" + "'></iframe>";
                 document.body.appendChild(i2);
             }, "Frames inside srcdoc frames are insecure");
         }
     </script>
 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<title>Unauthenticated origin with srcdoc iframe is insecure</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/resources/get-host-info.js"></script>
	</head>
	<body>
	<script>
	if (window.location.origin != get_host_info().UNAUTHENTICATED_ORIGIN) {
	window.location = get_host_info().UNAUTHENTICATED_ORIGIN +
	window.location.pathname;
	} else {
	test(function () {
	assert_equals(window.location.origin, get_host_info().UNAUTHENTICATED_ORIGIN, "Sanity check the test runner.");
	assert_false(window.isSecureContext);
	}, "unauthenticated origin is insecure.");

	async_test(function (t) {
	var messages = 0;
	window.addEventListener("message", t.step_func(function (e) {
	assert_false(e.data.isSecureContext);
	messages++;
	if (messages >= 2)
	t.done();
	}), false);

	var i1 = document.createElement("iframe");
	i1.srcdoc = "<iframe src='" + get_host_info().HTTP_REMOTE_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html" + "'></iframe>";
	document.body.appendChild(i1);

	var i2 = document.createElement("iframe");
	i2.srcdoc = "<iframe src='" + get_host_info().AUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html" + "'></iframe>";
	document.body.appendChild(i2);
	}, "Frames inside srcdoc frames are insecure");
	}
	</script>
	</body>
	</html>