| <!DOCTYPE html> |
| <html> |
| <body> |
| <script> |
| if (window.testRunner) { |
| testRunner.waitUntilDone(); |
| testRunner.dumpAsText(); |
| testRunner.dumpFrameLoadCallbacks(); |
| testRunner.setCanOpenWindows(); |
| testRunner.setCloseRemainingWindowsWhenComplete(true); |
| } |
| window.addEventListener("message", function (e) { |
| if (e.data != "done") |
| alert("should have loaded the insecure content"); |
| if (window.testRunner) |
| testRunner.notifyDone() |
| }, false); |
| </script> |
| <p>This test opens a window that reads a secure cookie and then loads an insecure image (via a tricky redirect). This should not block the insecure image from loading even though a secure cookie was accessed, because an insecure image can only affect pixels on screen, not expose private data.</p> |
| <script> |
| onload = function() { |
| window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-redirect-https-to-http-image-secure-cookie.html"); |
| } |
| </script> |
| </body> |
| </html> |