| <!DOCTYPE html> |
| <html> |
| <body> |
| <script src="/js-test-resources/js-test.js"></script> |
| <script> |
| if (window.testRunner) { |
| testRunner.setHandlesAuthenticationChallenges(true); |
| testRunner.setAuthenticationUsername("testUser"); |
| testRunner.setAuthenticationPassword("testPassword"); |
| } |
| |
| window.jsTestIsAsync = true; |
| |
| function pass() |
| { |
| testPassed("did not load image."); |
| finishJSTest(); |
| } |
| |
| function fail() |
| { |
| testFailed("did load image."); |
| finishJSTest(); |
| } |
| |
| function runTest() |
| { |
| // Load the image programmatically instead of declaratively to avoid output flakiness caused by |
| // the preload scanner performing mixed content checks as part of preloading the image. |
| let image = new Image; |
| image.onload = fail; |
| image.onerror = pass; |
| image.src = "https://127.0.0.1:8443/resources/redirect.py?url=https%3A//localhost%3A8443/resources/redirect.py%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.py"; |
| document.body.appendChild(image); |
| } |
| |
| window.onload = runTest; |
| </script> |
| <script> |
| description("This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The insecure image should be blocked because it requires credentials."); |
| </script> |
| </body> |
| </html> |
