blob: 884b058d42cf03ead5dfd0e61ec1a102d7e9c413 [file] [log] [blame]
frame "<!--frame1-->" - didStartProvisionalLoadForFrame
main frame - didFinishDocumentLoadForFrame
frame "<!--frame1-->" - didCommitLoadForFrame
CONSOLE MESSAGE: line 4: [blocked] The page at https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-css.html was not allowed to run insecure content from http://127.0.0.1:8080/security/mixedContent/resources/style.css.
frame "<!--frame1-->" - didFinishDocumentLoadForFrame
frame "<!--frame1-->" - didHandleOnloadEventsForFrame
main frame - didHandleOnloadEventsForFrame
frame "<!--frame1-->" - didFinishLoadForFrame
main frame - didFinishLoadForFrame
This test loads a secure iframe that loads an insecure style sheet. We should trigger a mixed content callback because an active network attacker can use CSS3 to breach the confidentiality of the HTTPS security origin.