blob: 30ccc6054c900ad6c2dcfd95723fd86316336152 [file] [log] [blame]
<!DOCTYPE html>
<html>
<body>
<script src="/js-test-resources/js-test.js"></script>
<script>
if (window.testRunner) {
testRunner.setHandlesAuthenticationChallenges(true);
testRunner.setAuthenticationUsername("testUser");
testRunner.setAuthenticationPassword("testPassword");
}
window.jsTestIsAsync = true;
function pass()
{
testPassed("did not load image.");
finishJSTest();
}
function fail()
{
testFailed("did load image.");
finishJSTest();
}
function runTest()
{
// Load the image programmatically instead of declaratively to avoid output flakiness caused by
// the preload scanner performing mixed content checks as part of preloading the image.
let image = new Image;
image.onload = fail;
image.onerror = pass;
image.src = "https://127.0.0.1:8443/resources/redirect.php?url=https%3A//localhost%3A8443/resources/redirect.php%3Furl%3Dhttp%3A//localhost%3A8080/security/mixedContent/resources/subresource/protected-image.php";
document.body.appendChild(image);
}
window.onload = runTest;
</script>
<script>
description("This test loads a secure image that redirects to an secure image that redirects to an insecure image guarded by basic authentication. The insecure image should be blocked because it requires credentials.");
</script>
</body>
</html>