Closed Bug 1558947 Opened 6 years ago Closed 6 years ago

[wpt-sync] Sync PR 17300 - Allow browsers to block mixed content requests from cross-origin tests.

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla70

Tracking Flags:

Tracking

Status

firefox70

---

fixed

People

(Reporter: wpt-sync, Unassigned)

References

(
URL
)

Details

(Whiteboard: [necko-triaged][wptsync downstream])

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Description

•

6 years ago

Sync web-platform-tests PR 17300 into mozilla-central (this bug is closed when the sync is complete).

PR: https://github.com/web-platform-tests/wpt/pull/17300
Details from upstream follow.

Ryosuke Niwa <rniwa@webkit.org> wrote:

Allow browsers to block mixed content requests from cross-origin tests.

Gecko and Blink by default block mixed content requests.

As a result, header-referrer-strict-origin-when-cross-origin.https.html, header-referrer-strict-origin.https.html,
and beacon/headers/header-referrer-unsafe-url.https.html fail in those two browsers.

Allow the mixed content beacon requests to be blocked in these tests as allowed by the specification:
https://www.w3.org/TR/mixed-content/#should-block-fetch
https://www.w3.org/TR/mixed-content/#requirements-user-controls

Also fixed a bug in header-referrer-strict-origin-when-cross-origin.https.html that it was not testing cross-origin.

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Updated

•

6 years ago

Component: web-platform-tests → DOM: Networking

Product: Testing → Core

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Comment 1

•

6 years ago

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=affcb3e1bf27674e58271c6b1e837ffc048778b7

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Comment 2

•

6 years ago

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=bddfd5130dcdd3a6fb7d2bb17cf2a122cec6eba6

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Comment 3

•

6 years ago

Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=f5c1771b90e8fd80129e7d853ab15b16bf7d0026

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Comment 4

•

6 years ago

Failed to get results from try push

Michal Novotny [:michal]

Updated

•

6 years ago

Priority: P4 → P5

Whiteboard: [wptsync downstream] → [necko-triaged][wptsync downstream]

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Comment 5

•

6 years ago

Pushed to try https://treeherder.mozilla.org/#/jobs?repo=try&revision=6eaaa625c7f28f542aa324f6aaf553c88289a8be

Web Platform Test Sync Bot [:wpt-sync] (Matrix: #interop:mozilla.org)

Assignee

Comment 6

•

6 years ago

Pushed to try (stability) https://treeherder.mozilla.org/#/jobs?repo=try&revision=aa8c6734799bcf6dc0a4372ea0f0d895ffd77648

Pulsebot

Comment 7

•

6 years ago

Pushed by james@hoppipolla.co.uk: https://hg.mozilla.org/integration/mozilla-inbound/rev/8549427c0ca2 [wpt PR 17300] - Allow browsers to block mixed content requests from cross-origin tests., a=testonly

Razvan Maries

Comment 8

•

6 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/8549427c0ca2

Status: NEW → RESOLVED

Closed: 6 years ago

status-firefox70: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla70

You need to log in before you can comment on or make changes to this bug.

Bugzilla

[wpt-sync] Sync PR 17300 - Allow browsers to block mixed content requests from cross-origin tests.

Categories

(Core :: DOM: Networking, defect, P5)

Tracking

()

People

(Reporter: wpt-sync, Unassigned)

References

(
URL
)

Details

(Whiteboard: [necko-triaged][wptsync downstream])

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Comment 2

Comment 3

Comment 4

Updated

Comment 5

Comment 6

Comment 7

Comment 8