// META: script=/common/get-host-info.sub.js | |
promise_test(t => { | |
return promise_rejects(t, | |
new TypeError(), | |
fetch(get_host_info().HTTPS_REMOTE_ORIGIN + "/fetch/cross-origin-resource-policy/resources/hello.py?corp=same-site", { mode: "no-cors" })); | |
}, "Cross-Origin-Resource-Policy: same-site blocks retrieving HTTPS from HTTP"); |