<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[202150] trunk/LayoutTests</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/202150">202150</a></dd>
<dt>Author</dt> <dd>jiewen_tan@apple.com</dd>
<dt>Date</dt> <dd>2016-06-16 17:45:42 -0700 (Thu, 16 Jun 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Move most of CSP tests into security/contentSecurityPolicy/
https://bugs.webkit.org/show_bug.cgi?id=158859
Reviewed by Daniel Bates.
* platform/mac-wk1/TestExpectations:
* platform/mac/TestExpectations:
* platform/wk2/TestExpectations:
* security/contentSecurityPolicy/blocks-video-expected.txt: Renamed from LayoutTests/media/csp-blocks-video-expected.txt.
* security/contentSecurityPolicy/blocks-video.html: Renamed from LayoutTests/media/csp-blocks-video.html.
* security/contentSecurityPolicy/font-loading-block-all-expected.txt: Renamed from LayoutTests/fast/text/font-loading-csp-block-all-expected.txt.
* security/contentSecurityPolicy/font-loading-block-all.html: Renamed from LayoutTests/fast/text/font-loading-csp-block-all.html.
* security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
* security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
* security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html.
* security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html.
* security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html.
* security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html.
* security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
* security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
* security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html.
* security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html.
* security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
* security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
* security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html.
* security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html.
* security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
* security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
* security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html.
* security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html.
* security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
* security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
* security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html.
* security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html.
* security/contentSecurityPolicy/resources/worker-inherits-blocks-eval.js: Renamed from LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js.
(catch):
* security/contentSecurityPolicy/resources/worker-inherits-blocks-xhr.js: Renamed from LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js.
(catch):
* security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star-expected.html: Renamed from LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html.
* security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html: Renamed from LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html.
* security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star-expected.html: Renamed from LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html.
* security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html: Renamed from LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html.
* security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
* security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
* security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star-expected.html: Renamed from LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html.
* security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star.html: Renamed from LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html.
* security/contentSecurityPolicy/worker-inherits-blocks-eval-expected.txt: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt.
* security/contentSecurityPolicy/worker-inherits-blocks-eval.html: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html.
* security/contentSecurityPolicy/worker-inherits-blocks-xhr-expected.txt: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt.
* security/contentSecurityPolicy/worker-inherits-blocks-xhr.html: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkLayoutTestsplatformmacTestExpectations">trunk/LayoutTests/platform/mac/TestExpectations</a></li>
<li><a href="#trunkLayoutTestsplatformmacwk1TestExpectations">trunk/LayoutTests/platform/mac-wk1/TestExpectations</a></li>
<li><a href="#trunkLayoutTestsplatformwk2TestExpectations">trunk/LayoutTests/platform/wk2/TestExpectations</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li>trunk/LayoutTests/security/contentSecurityPolicy/</li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyblocksvideoexpectedtxt">trunk/LayoutTests/security/contentSecurityPolicy/blocks-video-expected.txt</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyblocksvideohtml">trunk/LayoutTests/security/contentSecurityPolicy/blocks-video.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyfontloadingblockallexpectedtxt">trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all-expected.txt</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyfontloadingblockallhtml">trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlblockedbyimgsrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlblockedbyimgsrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithdataurlallowedbyimgsrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithdataurlallowedbyimgsrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlblockedbyimgsrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlblockedbyimgsrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlblockedbystylesrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlblockedbystylesrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlblockedbystylesrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlblockedbystylesrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlblockedbystylesrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlblockedbystylesrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star.html</a></li>
<li>trunk/LayoutTests/security/contentSecurityPolicy/resources/</li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyresourcesworkerinheritsblocksevaljs">trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-eval.js</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyresourcesworkerinheritsblocksxhrjs">trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-xhr.js</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithbloburlallowedbymediasrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithbloburlallowedbymediasrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithdataurlallowedbymediasrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithdataurlallowedbymediasrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlallowedbymediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlallowedbymediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlblockedbymediasrcstarexpectedhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlblockedbymediasrcstarhtml">trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksevalexpectedtxt">trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval-expected.txt</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksevalhtml">trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval.html</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksxhrexpectedtxt">trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr-expected.txt</a></li>
<li><a href="#trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksxhrhtml">trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr.html</a></li>
</ul>
<h3>Removed Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlblockedbycspimgsrcstarexpectedhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlblockedbycspimgsrcstarhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithdataurlallowedbycspimgsrcstarexpectedhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithdataurlallowedbycspimgsrcstarhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlblockedbycspimgsrcstarexpectedhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlblockedbycspimgsrcstarhtml">trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlblockedbycspstylesrcstarexpectedhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlblockedbycspstylesrcstarhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlblockedbycspstylesrcstarexpectedhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlblockedbycspstylesrcstarhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlblockedbycspstylesrcstarexpectedhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlblockedbycspstylesrcstarhtml">trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html</a></li>
<li><a href="#trunkLayoutTestsfasttextfontloadingcspblockallexpectedtxt">trunk/LayoutTests/fast/text/font-loading-csp-block-all-expected.txt</a></li>
<li><a href="#trunkLayoutTestsfasttextfontloadingcspblockallhtml">trunk/LayoutTests/fast/text/font-loading-csp-block-all.html</a></li>
<li><a href="#trunkLayoutTestsfastworkersresourcesworkerinheritscspblocksevaljs">trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js</a></li>
<li><a href="#trunkLayoutTestsfastworkersresourcesworkerinheritscspblocksxhrjs">trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js</a></li>
<li><a href="#trunkLayoutTestsfastworkersworkerinheritscspblocksevalexpectedtxt">trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt</a></li>
<li><a href="#trunkLayoutTestsfastworkersworkerinheritscspblocksevalhtml">trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html</a></li>
<li><a href="#trunkLayoutTestsfastworkersworkerinheritscspblocksxhrexpectedtxt">trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt</a></li>
<li><a href="#trunkLayoutTestsfastworkersworkerinheritscspblocksxhrhtml">trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html</a></li>
<li><a href="#trunkLayoutTestsmediacspblocksvideoexpectedtxt">trunk/LayoutTests/media/csp-blocks-video-expected.txt</a></li>
<li><a href="#trunkLayoutTestsmediacspblocksvideohtml">trunk/LayoutTests/media/csp-blocks-video.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithbloburlallowedbycspmediasrcstarexpectedhtml">trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithbloburlallowedbycspmediasrcstarhtml">trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithdataurlallowedbycspmediasrcstarexpectedhtml">trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithdataurlallowedbycspmediasrcstarhtml">trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithfileurlallowedbycspmediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml">trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithfileurlallowedbycspmediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml">trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithfileurlblockedbycspmediasrcstarexpectedhtml">trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html</a></li>
<li><a href="#trunkLayoutTestsmediavideowithfileurlblockedbycspmediasrcstarhtml">trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/ChangeLog        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,3 +1,56 @@
</span><ins>+2016-06-16 Jiewen Tan <jiewen_tan@apple.com>
+
+ Move most of CSP tests into security/contentSecurityPolicy/
+ https://bugs.webkit.org/show_bug.cgi?id=158859
+
+ Reviewed by Daniel Bates.
+
+ * platform/mac-wk1/TestExpectations:
+ * platform/mac/TestExpectations:
+ * platform/wk2/TestExpectations:
+ * security/contentSecurityPolicy/blocks-video-expected.txt: Renamed from LayoutTests/media/csp-blocks-video-expected.txt.
+ * security/contentSecurityPolicy/blocks-video.html: Renamed from LayoutTests/media/csp-blocks-video.html.
+ * security/contentSecurityPolicy/font-loading-block-all-expected.txt: Renamed from LayoutTests/fast/text/font-loading-csp-block-all-expected.txt.
+ * security/contentSecurityPolicy/font-loading-block-all.html: Renamed from LayoutTests/fast/text/font-loading-csp-block-all.html.
+ * security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
+ * security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
+ * security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html.
+ * security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html.
+ * security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html.
+ * security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html.
+ * security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
+ * security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
+ * security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html.
+ * security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star.html: Renamed from LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html.
+ * security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
+ * security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
+ * security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html.
+ * security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html.
+ * security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
+ * security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
+ * security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html.
+ * security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html.
+ * security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
+ * security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
+ * security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star-expected.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html.
+ * security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star.html: Renamed from LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html.
+ * security/contentSecurityPolicy/resources/worker-inherits-blocks-eval.js: Renamed from LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js.
+ (catch):
+ * security/contentSecurityPolicy/resources/worker-inherits-blocks-xhr.js: Renamed from LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js.
+ (catch):
+ * security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star-expected.html: Renamed from LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html.
+ * security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html: Renamed from LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html.
+ * security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star-expected.html: Renamed from LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html.
+ * security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html: Renamed from LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html.
+ * security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html: Renamed from LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html.
+ * security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html: Renamed from LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html.
+ * security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star-expected.html: Renamed from LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html.
+ * security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star.html: Renamed from LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html.
+ * security/contentSecurityPolicy/worker-inherits-blocks-eval-expected.txt: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt.
+ * security/contentSecurityPolicy/worker-inherits-blocks-eval.html: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html.
+ * security/contentSecurityPolicy/worker-inherits-blocks-xhr-expected.txt: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt.
+ * security/contentSecurityPolicy/worker-inherits-blocks-xhr.html: Renamed from LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html.
+
</ins><span class="cx"> 2016-06-16 Simon Fraser <simon.fraser@apple.com>
</span><span class="cx">
</span><span class="cx"> Focus event dispatched in iframe causes parent document to scroll incorrectly
</span></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading image with a blob URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. To run this test by hand, select an image file. This test PASSED if the image loads. Otherwise, it FAILED.</p>
-<img width="128" height="128" src="../resources/abe.png">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,59 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src *">
-</head>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-if (window.internals && window.internals.settings)
- internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
-
-var fileInput;
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-function loadImage(event)
-{
- var image = document.createElement("img");
- image.height = "128";
- image.width = "128";
- image.alt = "FAIL";
- image.onload = testFinished;
- image.onerror = testFinished;
- image.src = window.URL.createObjectURL(event.target.files[0]);
-
- document.body.removeChild(fileInput);
- document.body.appendChild(image);
-}
-
-function runTest()
-{
- if (!window.eventSender)
- return;
-
- var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
- var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
-
- eventSender.beginDragWithFiles(["../resources/abe.png"]);
- eventSender.mouseMoveTo(x, y);
- eventSender.mouseUp();
-}
-
-window.onload = function ()
-{
- fileInput = document.getElementById("file");
- fileInput.onchange = loadImage;
- runTest();
-}
-</script>
-<body>
-<p>This tests that loading image with a blob URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. To run this test by hand, select an image file. This test PASSED if the image loads. Otherwise, it FAILED.</p>
-<input type="file" id="file" accept="image/*">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlblockedbycspimgsrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading image with a blob URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. To run this test by hand, select an image file. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
-<img width="128" height="128" alt="PASS">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlblockedbycspimgsrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,56 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src *">
-</head>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-var fileInput;
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-function loadImage(event)
-{
- var image = document.createElement("img");
- image.height = "128";
- image.width = "128";
- image.alt = "PASS";
- image.onload = testFinished;
- image.onerror = testFinished;
- image.src = window.URL.createObjectURL(event.target.files[0]);
-
- document.body.removeChild(fileInput);
- document.body.appendChild(image);
-}
-
-function runTest()
-{
- if (!window.eventSender)
- return;
-
- var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
- var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
-
- eventSender.beginDragWithFiles(["../resources/abe.png"]);
- eventSender.mouseMoveTo(x, y);
- eventSender.mouseUp();
-}
-
-window.onload = function ()
-{
- fileInput = document.getElementById("file");
- fileInput.onchange = loadImage;
- runTest();
-}
-</script>
-<body>
-<p>This tests that loading image with a blob URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. To run this test by hand, select an image file. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
-<input type="file" id="file" accept="image/*">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithdataurlallowedbycspimgsrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading image with a data URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAIAAAC1nk4lAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oFFQg4GNq2yCEAAAAZdEVYdENvbW1lbnQAQ3JlYXRlZCB3aXRoIEdJTVBXgQ4XAAAAR0lEQVRo3u3OQQ0AAAgEoNPkRjeFDzdIQGXyTifS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0vcWUo0A+IZA5H8AAAAASUVORK5CYII=" width="128" height="128">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithdataurlallowedbycspimgsrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,10 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src *">
-</head>
-<body>
-<p>This tests that loading image with a data URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAIAAAC1nk4lAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oFFQg4GNq2yCEAAAAZdEVYdENvbW1lbnQAQ3JlYXRlZCB3aXRoIEdJTVBXgQ4XAAAAR0lEQVRo3u3OQQ0AAAgEoNPkRjeFDzdIQGXyTifS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0vcWUo0A+IZA5H8AAAAASUVORK5CYII=" width="128" height="128">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading image with a file URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<img src="resources/green.png" width="128" height="128">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,14 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src *">
-<script>
-if (window.internals && window.internals.settings)
- internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
-</script>
-</head>
-<body>
-<p>This tests that loading image with a file URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<img src="resources/green.png" width="128" height="128" alt="FAIL">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlblockedbycspimgsrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading image with a file URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
-<img src="" width="128" height="128" alt="PASS">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlblockedbycspimgsrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,10 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src *">
-</head>
-<body>
-<p>This tests that loading image with a file URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
-<img src="resources/green.png" width="128" height="128" alt="PASS">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading a stylesheet with a blob URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div style="background-color: green; height: 128px; width: 128px"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,32 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#test {
- background-color: red;
- height: 128px;
- width: 128px;
-}
-</style>
-<meta http-equiv="Content-Security-Policy" content="style-src *">
-<script>
-if (window.internals && window.internals.settings)
- internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
-
-function createLinkElementWithStylesheet(stylesheetURL)
-{
- var link = document.createElement("link");
- link.rel = "stylesheet";
- link.href = stylesheetURL;
- return link;
-}
-
-var blobURL = window.URL.createObjectURL(new Blob(["#test { background-color: green !important; }"], {type: "text/css"}));
-document.head.appendChild(createLinkElementWithStylesheet(blobURL));
-</script>
-</head>
-<body>
-<p>This tests that loading a stylesheet with a blob URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div id="test"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlblockedbycspstylesrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading a stylesheet with a blob URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div style="background-color: green; height: 128px; width: 128px"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlblockedbycspstylesrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,29 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#test {
- background-color: green;
- height: 128px;
- width: 128px;
-}
-</style>
-<meta http-equiv="Content-Security-Policy" content="style-src *">
-<script>
-function createLinkElementWithStylesheet(stylesheetURL)
-{
- var link = document.createElement("link");
- link.rel = "stylesheet";
- link.href = stylesheetURL;
- return link;
-}
-
-var blobURL = window.URL.createObjectURL(new Blob(["#test { background-color: red !important; }"], {type: "text/css"}));
-document.head.appendChild(createLinkElementWithStylesheet(blobURL));
-</script>
-</head>
-<body>
-<p>This tests that loading a stylesheet with a blob URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div id="test"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading a stylesheet with a data URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div style="background-color: green; height: 128px; width: 128px"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,22 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#test {
- background-color: red;
- height: 128px;
- width: 128px;
-}
-</style>
-<meta http-equiv="Content-Security-Policy" content="style-src *">
-<script>
-if (window.internals && window.internals.settings)
- internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
-</script>
-<link rel="stylesheet" href="data:text/css, #test { background-color: green !important; }">
-</head>
-<body>
-<p>This tests that loading a stylesheet with a data URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div id="test"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlblockedbycspstylesrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading a stylesheet with a data URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div style="background-color: green; height: 128px; width: 128px"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlblockedbycspstylesrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,18 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#test {
- background-color: green;
- height: 128px;
- width: 128px;
-}
-</style>
-<meta http-equiv="Content-Security-Policy" content="style-src *">
-<link rel="stylesheet" href="data:text/css, #test { background-color: red !important; }">
-</head>
-<body>
-<p>This tests that loading a stylesheet with a data URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div id="test"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading a stylesheet with a file URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div style="background-color: green; height: 128px; width: 128px"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,22 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#test {
- background-color: red;
- height: 128px;
- width: 128px;
-}
-</style>
-<meta http-equiv="Content-Security-Policy" content="style-src *">
-<script>
-if (window.internals && window.internals.settings)
- internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
-</script>
-<link rel="stylesheet" href="resources/green-background-color.css">
-</head>
-<body>
-<p>This tests that loading a stylesheet with a file URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div id="test"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlblockedbycspstylesrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,7 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<body>
-<p>This tests that loading a stylesheet with a file URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div style="background-color: green; height: 128px; width: 128px"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlblockedbycspstylesrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,18 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#test {
- background-color: green;
- height: 128px;
- width: 128px;
-}
-</style>
-<meta http-equiv="Content-Security-Policy" content="style-src *">
-<link rel="stylesheet" href="resources/red-background-color.css">
-</head>
-<body>
-<p>This tests that loading a stylesheet with a file URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
-<div id="test"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfasttextfontloadingcspblockallexpectedtxt"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/text/font-loading-csp-block-all-expected.txt (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/text/font-loading-csp-block-all-expected.txt        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/text/font-loading-csp-block-all-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,11 +0,0 @@
</span><del>-CONSOLE MESSAGE: Refused to load Ahem.woff because it does not appear in the font-src directive of the Content Security Policy.
-This test makes sure that the promise of a FontFace with no FontFaceSources gets rejected.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS rejectedException.code is rejectedException.NETWORK_ERR
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
</del></span></pre></div>
<a id="trunkLayoutTestsfasttextfontloadingcspblockallhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/text/font-loading-csp-block-all.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/text/font-loading-csp-block-all.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/text/font-loading-csp-block-all.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,26 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="font-src 'none'">
-<script src="../../resources/js-test-pre.js"></script>
-</head>
-<body>
-<script>
-description("This test makes sure that the promise of a FontFace with no FontFaceSources gets rejected.")
-
-window.jsTestIsAsync = true;
-
-var face = new FontFace("WebFont", "url(../../resources/Ahem.woff) format('woff')", { });
-
-var rejectedException;
-var loading = face.load().then(function() {
- testFailed("Promise should not resolve successfully.");
- finishJSTest();
-}, function(e) {
- rejectedException = e;
- shouldBe("rejectedException.code", "rejectedException.NETWORK_ERR");
- finishJSTest();
-});
-</script>
-<script src="../../resources/js-test-post.js"></script>
-</body>
</del></span></pre></div>
<a id="trunkLayoutTestsfastworkersresourcesworkerinheritscspblocksevaljs"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,14 +0,0 @@
</span><del>-var exception;
-try {
- eval("1 + 0");
-} catch (e) {
- exception = e;
-}
-if (!exception)
- self.postMessage("FAIL should throw EvalError. But did not throw an exception.");
-else {
- if (exception instanceof EvalError)
- self.postMessage("PASS threw exception " + exception + ".");
- else
- self.postMessage("FAIL should throw EvalError. Threw exception " + exception + ".");
-}
</del></span></pre></div>
<a id="trunkLayoutTestsfastworkersresourcesworkerinheritscspblocksxhrjs"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,19 +0,0 @@
</span><del>-var exception;
-try {
- var xhr = new XMLHttpRequest;
- var isAsynchronous = false;
- xhr.open("GET", "non-existent-file", isAsynchronous);
- xhr.send();
-} catch (e) {
- exception = e;
-}
-
-var expectedExceptionCode = 19; // DOMException.NETWORK_ERR
-if (!exception)
- self.postMessage("FAIL should throw " + expectedExceptionCode + ". But did not throw an exception.");
-else {
- if (exception.code === expectedExceptionCode)
- self.postMessage("PASS threw exception " + exception + ".");
- else
- self.postMessage("FAIL should throw " + expectedExceptionCode + ". Threw exception " + exception + ".");
-}
</del></span></pre></div>
<a id="trunkLayoutTestsfastworkersworkerinheritscspblocksevalexpectedtxt"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,4 +0,0 @@
</span><del>-This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from using eval() because the parent's CSP does not list unsafe-eval in script-src.
-
-PASS threw exception EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'unsafe-inline'".
-.
</del></span></pre></div>
<a id="trunkLayoutTestsfastworkersworkerinheritscspblocksevalhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,32 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'">
-<script>
-if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.waitUntilDone();
-}
-</script>
-</head>
-<body>
-<p>This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from using <code>eval()</code> because the parent's CSP does not list <code>unsafe-eval</code> in script-src.</p>
-<pre id="result"></pre>
-<script>
-window.onmessage = function (event)
-{
- document.getElementById("result").textContent = event.data;
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-var worker;
-try {
- worker = new Worker("resources/worker-inherits-csp-blocks-eval.js");
- worker.onmessage = function (event) { window.postMessage(event.data, "*") };
-} catch (exception) {
- window.postMessage("FAIL should not have thrown an exception when creating worker. Threw exception " + exception + ".", "*");
-}
-</script>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsfastworkersworkerinheritscspblocksxhrexpectedtxt"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,4 +0,0 @@
</span><del>-CONSOLE MESSAGE: Refused to connect to non-existent-file because it does not appear in the connect-src directive of the Content Security Policy.
-This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from making an XHR request because the parent's CSP contains "connect-src 'none'"
-
-PASS threw exception Error: NetworkError: DOM Exception 19.
</del></span></pre></div>
<a id="trunkLayoutTestsfastworkersworkerinheritscspblocksxhrhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,32 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'; connect-src 'none'">
-<script>
-if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.waitUntilDone();
-}
-</script>
-</head>
-<body>
-<p>This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from making an XHR request because the parent's CSP contains &quot;connect-src 'none'&quot;</p>
-<pre id="result"></pre>
-<script>
-window.onmessage = function (event)
-{
- document.getElementById("result").textContent = event.data;
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-var worker;
-try {
- worker = new Worker("resources/worker-inherits-csp-blocks-xhr.js");
- worker.onmessage = function (event) { window.postMessage(event.data, "*") };
-} catch (exception) {
- window.postMessage("FAIL should not have thrown an exception when creating worker. Threw exception " + exception + ".", "*");
-}
-</script>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediacspblocksvideoexpectedtxt"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/csp-blocks-video-expected.txt (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/csp-blocks-video-expected.txt        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/csp-blocks-video-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,4 +0,0 @@
</span><del>-CONSOLE MESSAGE: Refused to load test.mp4 because it does not appear in the media-src directive of the Content Security Policy.
-
-END OF TEST
-This test passes if it doesn't alert failure.
</del></span></pre></div>
<a id="trunkLayoutTestsmediacspblocksvideohtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/csp-blocks-video.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/csp-blocks-video.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/csp-blocks-video.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,16 +0,0 @@
</span><del>-<meta http-equiv="Content-Security-Policy" content="media-src 'none'">
-<video controls></video>
-<script src=media-file.js></script>
-<script src=video-test.js></script>
-<p>This test passes if it doesn't alert failure.</p>
-<script>
-var mediaFile = findMediaFile("video", "content/test");
-video.src = mediaFile;
-
-waitForEvent('loadedmetadata', function () {
- alert('FAIL');
- endTest();
-} );
-video.load();
-addEventListener('load', endTest, false);
-</script>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithbloburlallowedbycspmediasrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,28 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<script src="media-file.js"></script>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-window.onload = function ()
-{
- var video = document.getElementById("video");
- video.onloadedmetadata = testFinished;
- video.onerror = testFinished;
- video.src = findMediaFile("video", "content/test");
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a blob URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. To run this test by hand, select a video file. This test PASSED if the video loads and its first frame is shown below. Otherwise, it FAILED.</p>
-<video id="video"></video>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithbloburlallowedbycspmediasrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,54 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="media-src *">
-<script src="media-file.js"></script>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-var fileInput;
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-function loadVideo(event)
-{
- var video = document.createElement("video");
- video.onloadedmetadata = testFinished;
- video.onerror = testFinished;
- video.src = window.URL.createObjectURL(event.target.files[0]);
-
- document.body.removeChild(fileInput);
- document.body.appendChild(video);
-}
-
-function runTest()
-{
- if (!window.eventSender)
- return;
-
- var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
- var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
-
- eventSender.beginDragWithFiles([findMediaFile("video", "content/test")]);
- eventSender.mouseMoveTo(x, y);
- eventSender.mouseUp();
-}
-
-window.onload = function ()
-{
- fileInput = document.getElementById("file");
- fileInput.onchange = loadVideo;
- runTest();
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a blob URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. To run this test by hand, select a video file. This test PASSED if the video loads and its first frame is shown below. Otherwise, it FAILED.</p>
-<input type="file" id="file">
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithdataurlallowedbycspmediasrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,25 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-video {
- width: 128px;
- height: 128px;
-}
-</style>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a data URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a square with a green-to-gray horizontal gradient. Otherwise, it FAILED.</p>
-<video src="data:video/mp4;base64,AAAAGGZ0eXBtcDQyAAAAAW1wNDJtcDQxAAACrW1vb3YAAABsbXZoZAAAAADTABd80wAXfAAAAlgAAAAoAAEAAAEAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAI5dHJhawAAAFx0a2hkAAAAAdMAF3zTABd8AAAAAQAAAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAyAAAAMgAAAAAAJGVkdHMAAAAcZWxzdAAAAAAAAAABAAAAKAAAAAAAAQAAAAABsW1kaWEAAAAgbWRoZAAAAADTABd80wAXfAAAAlgAAAJYFccAAAAAADpoZGxyAAAAAAAAAAB2aWRlAAAAAAAAAAAAAAAAQXBwbGUgVmlkZW8gTWVkaWEgSGFuZGxlcgAAAAFPbWluZgAAABR2bWhkAAAAAQAAAAAAAAAAAAAAJGRpbmYAAAAcZHJlZgAAAAAAAAABAAAADHVybCAAAAABAAABD3N0YmwAAACrc3RzZAAAAAAAAAABAAAAm21wNHYAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAMgAyAEgAAABIAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY//8AAABFZXNkcwAAAAADNwAAHwQvIBEALuAAAH0AAAB9AAUgAAABsPMAAAG1DuBAwM8AAAEAAAABIACEQPooDKAyox8GAQIAAAAYc3R0cwAAAAAAAAABAAAAAQAAAlgAAAAcc3RzYwAAAAAAAAABAAAAAQAAAAEAAAABAAAAFHN0c3oAAAAAAAACxQAAAAEAAAAUc3RjbwAAAAAAAAABAAAC7QA
AAAhmcmVlAAAACGZyZWUAAALdbWRhdAAAAAh3aWRlAAAAAG1kYXQAAAG2EAMJjF7bCAFgRvbfiNzb8MqOhJBwKtkGGQPFwBJgwxJBwKtkGGQPFwBJhh2CkikFCCBi64HxGi1uVcfsItzm5SWWWEAMwPAQHYPB/5YKAHh/9cQgeL/6wGCNbb+PNv4225srB4D+rB4P/DEcHiIBMHi4BkFk2DwH9WDwf+GI4PEQCYPFwDILJwHgILEHg/1sHgIJcHh/4MHgIGUHi/70HwICPB4CCxB4P9bB4CCXB4f+DB4CBlB4v+9B8CAjjbb+Ntv422/ZWDwH9WDwf+GI4PEQCYPFwDILJsHgP6sHg/8MRweIgEweLgGQWTweAgsQeD/WweAglweH/gweAgZQeL/vQfAgI6DwEFPlbB4D9lB4CCN9jP02/B4D+LB4CBdzFbA4raq6DwH+CIUjLUVtK1V+0N8EFhlrsD1r+dx7IOgeB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAiYYMwPA/44KUHhf88A8Hif+Eeg+b/7g3g8D/bg8B/dg8L/hgoweJ/2RJB83/zZGDwP9WDwH+GDwv/GDxUAmOgfNgEWDwP9WDwH+GDwv/GDxUAmOgfNgEW8Hgf8cFKDwv+eAeDxP/CPQfN/98Hgf7cHgP7sHhf8MFGDxP+yJIPm/+bIweB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAi3g8D/jgpQeF/zwDweJ/4R6D5v/vg8D/bg8B/dg8L/hgoweJ/2RJB83/zYSw/H6cS0/y8v+OU7agt+o9nSz09hV6Zg2yRaBW23Hw/H4jD8uEkSC9OOhLHSdUPx0Ox8rbSD8fD9I3GUheXJWLjKZOmZzG1Strcbabyf9ZrjR8Px+Iw/LhJEgvTjoSx0nVD8dDsfK20g/Hw/SNxlIXlyVi4ymTpmcxtUra3G
2m8n/Wa5" oncanplay="testFinished()"></video>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithdataurlallowedbycspmediasrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,27 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="media-src *">
-<style>
-video {
- background-color: red;
- width: 128px;
- height: 128px;
-}
-</style>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a data URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a square with a green-to-gray horizontal gradient. Otherwise, it FAILED.</p>
-<video src="data:video/mp4;base64,AAAAGGZ0eXBtcDQyAAAAAW1wNDJtcDQxAAACrW1vb3YAAABsbXZoZAAAAADTABd80wAXfAAAAlgAAAAoAAEAAAEAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAI5dHJhawAAAFx0a2hkAAAAAdMAF3zTABd8AAAAAQAAAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAyAAAAMgAAAAAAJGVkdHMAAAAcZWxzdAAAAAAAAAABAAAAKAAAAAAAAQAAAAABsW1kaWEAAAAgbWRoZAAAAADTABd80wAXfAAAAlgAAAJYFccAAAAAADpoZGxyAAAAAAAAAAB2aWRlAAAAAAAAAAAAAAAAQXBwbGUgVmlkZW8gTWVkaWEgSGFuZGxlcgAAAAFPbWluZgAAABR2bWhkAAAAAQAAAAAAAAAAAAAAJGRpbmYAAAAcZHJlZgAAAAAAAAABAAAADHVybCAAAAABAAABD3N0YmwAAACrc3RzZAAAAAAAAAABAAAAm21wNHYAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAMgAyAEgAAABIAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY//8AAABFZXNkcwAAAAADNwAAHwQvIBEALuAAAH0AAAB9AAUgAAABsPMAAAG1DuBAwM8AAAEAAAABIACEQPooDKAyox8GAQIAAAAYc3R0cwAAAAAAAAABAAAAAQAAAlgAAAAcc3RzYwAAAAAAAAABAAAAAQAAAAEAAAABAAAAFHN0c3oAAAAAAAACxQAAAAEAAAAUc3RjbwAAAAAAAAABAAAC7QA
AAAhmcmVlAAAACGZyZWUAAALdbWRhdAAAAAh3aWRlAAAAAG1kYXQAAAG2EAMJjF7bCAFgRvbfiNzb8MqOhJBwKtkGGQPFwBJgwxJBwKtkGGQPFwBJhh2CkikFCCBi64HxGi1uVcfsItzm5SWWWEAMwPAQHYPB/5YKAHh/9cQgeL/6wGCNbb+PNv4225srB4D+rB4P/DEcHiIBMHi4BkFk2DwH9WDwf+GI4PEQCYPFwDILJwHgILEHg/1sHgIJcHh/4MHgIGUHi/70HwICPB4CCxB4P9bB4CCXB4f+DB4CBlB4v+9B8CAjjbb+Ntv422/ZWDwH9WDwf+GI4PEQCYPFwDILJsHgP6sHg/8MRweIgEweLgGQWTweAgsQeD/WweAglweH/gweAgZQeL/vQfAgI6DwEFPlbB4D9lB4CCN9jP02/B4D+LB4CBdzFbA4raq6DwH+CIUjLUVtK1V+0N8EFhlrsD1r+dx7IOgeB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAiYYMwPA/44KUHhf88A8Hif+Eeg+b/7g3g8D/bg8B/dg8L/hgoweJ/2RJB83/zZGDwP9WDwH+GDwv/GDxUAmOgfNgEWDwP9WDwH+GDwv/GDxUAmOgfNgEW8Hgf8cFKDwv+eAeDxP/CPQfN/98Hgf7cHgP7sHhf8MFGDxP+yJIPm/+bIweB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAi3g8D/jgpQeF/zwDweJ/4R6D5v/vg8D/bg8B/dg8L/hgoweJ/2RJB83/zYSw/H6cS0/y8v+OU7agt+o9nSz09hV6Zg2yRaBW23Hw/H4jD8uEkSC9OOhLHSdUPx0Ox8rbSD8fD9I3GUheXJWLjKZOmZzG1Strcbabyf9ZrjR8Px+Iw/LhJEgvTjoSx0nVD8dDsfK20g/Hw/SNxlIXlyVi4ymTpmcxtUra3G
2m8n/Wa5" oncanplay="testFinished()" onerror="testFinished()"></video>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithfileurlallowedbycspmediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,31 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<script src="media-file.js"></script>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-window.onload = function ()
-{
- var video = document.getElementById("video");
- video.oncanplaythrough = function () {
- // Use a zero timer to ensure that the first frame of the video is drawn.
- window.setTimeout(testFinished, 0);
- }
- video.onerror = testFinished;
- video.src = findMediaFile("video", "content/test");
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a file URL is allowed when the page has Content Security Policy &quot;media-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if the video loads. Otherwise, it FAILED.</p>
-<video id="video"></video>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithfileurlallowedbycspmediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,35 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="media-src *">
-<script src="media-file.js"></script>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-if (window.internals && window.internals.settings)
- internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-window.onload = function ()
-{
- var video = document.getElementById("video");
- video.oncanplaythrough = function () {
- // Use a zero timer to ensure that the first frame of the video is drawn.
- window.setTimeout(testFinished, 0);
- }
- video.onerror = testFinished;
- video.src = findMediaFile("video", "content/test");
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a file URL is allowed when the page has Content Security Policy &quot;media-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if the video loads. Otherwise, it FAILED.</p>
-<video id="video"></video>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithfileurlblockedbycspmediasrcstarexpectedhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,16 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<style>
-#equivalent-expected-result {
- background-color: green;
- width: 128px;
- height: 128px;
-}
-</style>
-</head>
-<body>
-<p>This tests that loading a video with a file URL is blocked when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a solid green square. Otherwise, it FAILED.</p>
-<div id="equivalent-expected-result"></div>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsmediavideowithfileurlblockedbycspmediasrcstarhtml"></a>
<div class="delfile"><h4>Deleted: trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1,39 +0,0 @@
</span><del>-<!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="media-src *">
-<style>
-video {
- background-color: green;
- width: 128px;
- height: 128px;
-}
-</style>
-<script src="media-file.js"></script>
-<script>
-if (window.testRunner)
- testRunner.waitUntilDone();
-
-function testFinished()
-{
- if (window.testRunner)
- testRunner.notifyDone();
-}
-
-window.onload = function ()
-{
- var video = document.getElementById("video");
- video.oncanplaythrough = function () {
- // Use a zero timer to ensure that the first frame of the video is drawn.
- window.setTimeout(testFinished, 0);
- }
- video.onerror = testFinished;
- video.src = findMediaFile("video", "content/test");
-}
-</script>
-</head>
-<body>
-<p>This tests that loading a video with a file URL is blocked when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a solid green square. Otherwise, it FAILED.</p>
-<video id="video"></video>
-</body>
-</html>
</del></span></pre></div>
<a id="trunkLayoutTestsplatformmacTestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/mac/TestExpectations (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/mac/TestExpectations        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/platform/mac/TestExpectations        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -1355,7 +1355,7 @@
</span><span class="cx">
</span><span class="cx"> webkit.org/b/156320 fast/regions/inline-block-inside-anonymous-overflow.html [ ImageOnlyFailure ]
</span><span class="cx">
</span><del>-webkit.org/b/155196 media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html [ Skip ]
</del><ins>+webkit.org/b/155196 security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html [ Skip ]
</ins><span class="cx">
</span><span class="cx"> webkit.org/b/158101 imported/blink/http/tests/plugins/get-url-notify-on-removal.html [ Pass Timeout ]
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsplatformmacwk1TestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/mac-wk1/TestExpectations (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/mac-wk1/TestExpectations        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/platform/mac-wk1/TestExpectations        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -60,8 +60,8 @@
</span><span class="cx">
</span><span class="cx"> webkit.org/b/154297 [ Debug ] fast/events/keydown-1.html [ Pass Failure ]
</span><span class="cx">
</span><del>-webkit.org/b/155196 media/video-with-blob-url-allowed-by-csp-media-src-star.html [ Skip ]
-webkit.org/b/155196 media/video-with-data-url-allowed-by-csp-media-src-star.html [ Skip ]
</del><ins>+webkit.org/b/155196 security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html [ Skip ]
+webkit.org/b/155196 security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html [ Skip ]
</ins><span class="cx">
</span><span class="cx"> webkit.org/b/153143 [ Yosemite ] media/track/track-in-band-style.html [ Pass Crash ]
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestsplatformwk2TestExpectations"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/platform/wk2/TestExpectations (202149 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/platform/wk2/TestExpectations        2016-06-17 00:00:40 UTC (rev 202149)
+++ trunk/LayoutTests/platform/wk2/TestExpectations        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -621,8 +621,6 @@
</span><span class="cx"> # https://bugs.webkit.org/show_bug.cgi?id=64285
</span><span class="cx"> editing/pasteboard/file-drag-to-editable.html
</span><span class="cx"> editing/pasteboard/file-input-files-access.html
</span><del>-fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html
-fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html
</del><span class="cx"> fast/dom/Window/window-postmessage-clone-frames.html
</span><span class="cx"> fast/dom/Window/window-postmessage-clone.html
</span><span class="cx"> fast/events/data-transfer-files-attribute-identity.html
</span><span class="lines">@@ -677,8 +675,10 @@
</span><span class="cx"> http/tests/security/clipboard/clipboard-file-access.html
</span><span class="cx"> imported/blink/storage/indexeddb/blob-basics-metadata.html
</span><span class="cx"> imported/blink/storage/indexeddb/empty-blob-file.html
</span><del>-media/video-with-blob-url-allowed-by-csp-media-src-star.html
</del><span class="cx"> media/video-src-blob.html
</span><ins>+security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html
+security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html
+security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html
</ins><span class="cx"> storage/indexeddb/structured-clone.html
</span><span class="cx"> storage/indexeddb/structured-clone-private.html
</span><span class="cx">
</span></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyblocksvideoexpectedtxtfromrev202149trunkLayoutTestsmediacspblocksvideoexpectedtxt"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/blocks-video-expected.txt (from rev 202149, trunk/LayoutTests/media/csp-blocks-video-expected.txt) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/blocks-video-expected.txt         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/blocks-video-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+CONSOLE MESSAGE: Refused to load test.mp4 because it does not appear in the media-src directive of the Content Security Policy.
+
+END OF TEST
+This test passes if it doesn't alert failure.
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyblocksvideohtmlfromrev202149trunkLayoutTestsmediacspblocksvideohtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/blocks-video.html (from rev 202149, trunk/LayoutTests/media/csp-blocks-video.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/blocks-video.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/blocks-video.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,16 @@
</span><ins>+<meta http-equiv="Content-Security-Policy" content="media-src 'none'">
+<video controls></video>
+<script src=../../media/media-file.js></script>
+<script src=../../media/video-test.js></script>
+<p>This test passes if it doesn't alert failure.</p>
+<script>
+var mediaFile = "../../media/" + findMediaFile("video", "content/test");
+video.src = mediaFile;
+
+waitForEvent('loadedmetadata', function () {
+ alert('FAIL');
+ endTest();
+} );
+video.load();
+addEventListener('load', endTest, false);
+</script>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyfontloadingblockallexpectedtxtfromrev202149trunkLayoutTestsfasttextfontloadingcspblockallexpectedtxt"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all-expected.txt (from rev 202149, trunk/LayoutTests/fast/text/font-loading-csp-block-all-expected.txt) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all-expected.txt         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,11 @@
</span><ins>+CONSOLE MESSAGE: Refused to load Ahem.woff because it does not appear in the font-src directive of the Content Security Policy.
+This test makes sure that the promise of a FontFace with no FontFaceSources gets rejected.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS rejectedException.code is rejectedException.NETWORK_ERR
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyfontloadingblockallhtmlfromrev202149trunkLayoutTestsfasttextfontloadingcspblockallhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all.html (from rev 202149, trunk/LayoutTests/fast/text/font-loading-csp-block-all.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/font-loading-block-all.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,26 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="font-src 'none'">
+<script src="../../resources/js-test-pre.js"></script>
+</head>
+<body>
+<script>
+description("This test makes sure that the promise of a FontFace with no FontFaceSources gets rejected.")
+
+window.jsTestIsAsync = true;
+
+var face = new FontFace("WebFont", "url(../../resources/Ahem.woff) format('woff')", { });
+
+var rejectedException;
+var loading = face.load().then(function() {
+ testFailed("Promise should not resolve successfully.");
+ finishJSTest();
+}, function(e) {
+ rejectedException = e;
+ shouldBe("rejectedException.code", "rejectedException.NETWORK_ERR");
+ finishJSTest();
+});
+</script>
+<script src="../../resources/js-test-post.js"></script>
+</body>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading image with a blob URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. To run this test by hand, select an image file. This test PASSED if the image loads. Otherwise, it FAILED.</p>
+<img width="128" height="128" src="../../fast/dom/resources/abe.png">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,59 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src *">
+</head>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+if (window.internals && window.internals.settings)
+ internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
+
+var fileInput;
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+function loadImage(event)
+{
+ var image = document.createElement("img");
+ image.height = "128";
+ image.width = "128";
+ image.alt = "FAIL";
+ image.onload = testFinished;
+ image.onerror = testFinished;
+ image.src = window.URL.createObjectURL(event.target.files[0]);
+
+ document.body.removeChild(fileInput);
+ document.body.appendChild(image);
+}
+
+function runTest()
+{
+ if (!window.eventSender)
+ return;
+
+ var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
+ var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
+
+ eventSender.beginDragWithFiles(["../../fast/dom/resources/abe.png"]);
+ eventSender.mouseMoveTo(x, y);
+ eventSender.mouseUp();
+}
+
+window.onload = function ()
+{
+ fileInput = document.getElementById("file");
+ fileInput.onchange = loadImage;
+ runTest();
+}
+</script>
+<body>
+<p>This tests that loading image with a blob URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. To run this test by hand, select an image file. This test PASSED if the image loads. Otherwise, it FAILED.</p>
+<input type="file" id="file" accept="image/*">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlblockedbyimgsrcstarexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlblockedbycspimgsrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading image with a blob URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. To run this test by hand, select an image file. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
+<img width="128" height="128" alt="PASS">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithbloburlblockedbyimgsrcstarhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithbloburlblockedbycspimgsrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-blob-url-blocked-by-csp-img-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-blob-url-blocked-by-img-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,56 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src *">
+</head>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+var fileInput;
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+function loadImage(event)
+{
+ var image = document.createElement("img");
+ image.height = "128";
+ image.width = "128";
+ image.alt = "PASS";
+ image.onload = testFinished;
+ image.onerror = testFinished;
+ image.src = window.URL.createObjectURL(event.target.files[0]);
+
+ document.body.removeChild(fileInput);
+ document.body.appendChild(image);
+}
+
+function runTest()
+{
+ if (!window.eventSender)
+ return;
+
+ var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
+ var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
+
+ eventSender.beginDragWithFiles(["../../fast/dom/resources/abe.png"]);
+ eventSender.mouseMoveTo(x, y);
+ eventSender.mouseUp();
+}
+
+window.onload = function ()
+{
+ fileInput = document.getElementById("file");
+ fileInput.onchange = loadImage;
+ runTest();
+}
+</script>
+<body>
+<p>This tests that loading image with a blob URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. To run this test by hand, select an image file. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
+<input type="file" id="file" accept="image/*">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithdataurlallowedbyimgsrcstarexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithdataurlallowedbycspimgsrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading image with a data URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAIAAAC1nk4lAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oFFQg4GNq2yCEAAAAZdEVYdENvbW1lbnQAQ3JlYXRlZCB3aXRoIEdJTVBXgQ4XAAAAR0lEQVRo3u3OQQ0AAAgEoNPkRjeFDzdIQGXyTifS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0vcWUo0A+IZA5H8AAAAASUVORK5CYII=" width="128" height="128">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithdataurlallowedbyimgsrcstarhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithdataurlallowedbycspimgsrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-data-url-allowed-by-csp-img-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-data-url-allowed-by-img-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,10 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src *">
+</head>
+<body>
+<p>This tests that loading image with a data URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAIAAAC1nk4lAAAAAXNSR0IArs4c6QAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oFFQg4GNq2yCEAAAAZdEVYdENvbW1lbnQAQ3JlYXRlZCB3aXRoIEdJTVBXgQ4XAAAAR0lEQVRo3u3OQQ0AAAgEoNPkRjeFDzdIQGXyTifS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0vcWUo0A+IZA5H8AAAAASUVORK5CYII=" width="128" height="128">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading image with a file URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<img src="../../fast/dom/HTMLImageElement/resources/green.png" width="128" height="128">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlallowedbyimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlallowedbycspimgsrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-allowed-by-csp-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,14 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src *">
+<script>
+if (window.internals && window.internals.settings)
+ internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
+</script>
+</head>
+<body>
+<p>This tests that loading image with a file URL is allowed when the page has Content Security Policy &quot;image-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<img src="../../fast/dom/HTMLImageElement/resources/green.png" width="128" height="128" alt="FAIL">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlblockedbyimgsrcstarexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlblockedbycspimgsrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading image with a file URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
+<img src="" width="128" height="128" alt="PASS">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyimagewithfileurlblockedbyimgsrcstarhtmlfromrev202149trunkLayoutTestsfastdomHTMLImageElementimagewithfileurlblockedbycspimgsrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLImageElement/image-with-file-url-blocked-by-csp-img-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/image-with-file-url-blocked-by-img-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,10 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="img-src *">
+</head>
+<body>
+<p>This tests that loading image with a file URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
+<img src="resources/green.png" width="128" height="128" alt="PASS">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading a stylesheet with a blob URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div style="background-color: green; height: 128px; width: 128px"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,32 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#test {
+ background-color: red;
+ height: 128px;
+ width: 128px;
+}
+</style>
+<meta http-equiv="Content-Security-Policy" content="style-src *">
+<script>
+if (window.internals && window.internals.settings)
+ internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
+
+function createLinkElementWithStylesheet(stylesheetURL)
+{
+ var link = document.createElement("link");
+ link.rel = "stylesheet";
+ link.href = stylesheetURL;
+ return link;
+}
+
+var blobURL = window.URL.createObjectURL(new Blob(["#test { background-color: green !important; }"], {type: "text/css"}));
+document.head.appendChild(createLinkElementWithStylesheet(blobURL));
+</script>
+</head>
+<body>
+<p>This tests that loading a stylesheet with a blob URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div id="test"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlblockedbystylesrcstarexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlblockedbycspstylesrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading a stylesheet with a blob URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div style="background-color: green; height: 128px; width: 128px"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithbloburlblockedbystylesrcstarhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithbloburlblockedbycspstylesrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-blob-url-blocked-by-csp-style-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-blob-url-blocked-by-style-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,29 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#test {
+ background-color: green;
+ height: 128px;
+ width: 128px;
+}
+</style>
+<meta http-equiv="Content-Security-Policy" content="style-src *">
+<script>
+function createLinkElementWithStylesheet(stylesheetURL)
+{
+ var link = document.createElement("link");
+ link.rel = "stylesheet";
+ link.href = stylesheetURL;
+ return link;
+}
+
+var blobURL = window.URL.createObjectURL(new Blob(["#test { background-color: red !important; }"], {type: "text/css"}));
+document.head.appendChild(createLinkElementWithStylesheet(blobURL));
+</script>
+</head>
+<body>
+<p>This tests that loading a stylesheet with a blob URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div id="test"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading a stylesheet with a data URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div style="background-color: green; height: 128px; width: 128px"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,22 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#test {
+ background-color: red;
+ height: 128px;
+ width: 128px;
+}
+</style>
+<meta http-equiv="Content-Security-Policy" content="style-src *">
+<script>
+if (window.internals && window.internals.settings)
+ internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
+</script>
+<link rel="stylesheet" href="data:text/css, #test { background-color: green !important; }">
+</head>
+<body>
+<p>This tests that loading a stylesheet with a data URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div id="test"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlblockedbystylesrcstarexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlblockedbycspstylesrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading a stylesheet with a data URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div style="background-color: green; height: 128px; width: 128px"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithdataurlblockedbystylesrcstarhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithdataurlblockedbycspstylesrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-data-url-blocked-by-csp-style-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-data-url-blocked-by-style-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#test {
+ background-color: green;
+ height: 128px;
+ width: 128px;
+}
+</style>
+<meta http-equiv="Content-Security-Policy" content="style-src *">
+<link rel="stylesheet" href="data:text/css, #test { background-color: red !important; }">
+</head>
+<body>
+<p>This tests that loading a stylesheet with a data URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div id="test"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading a stylesheet with a file URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div style="background-color: green; height: 128px; width: 128px"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlallowedbystylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlallowedbycspstylesrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-allowed-by-csp-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,22 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#test {
+ background-color: red;
+ height: 128px;
+ width: 128px;
+}
+</style>
+<meta http-equiv="Content-Security-Policy" content="style-src *">
+<script>
+if (window.internals && window.internals.settings)
+ internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
+</script>
+<link rel="stylesheet" href="../../fast/dom/HTMLLinkElement/resources/green-background-color.css">
+</head>
+<body>
+<p>This tests that loading a stylesheet with a file URL is allowed when the page has Content Security Policy &quot;style-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div id="test"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlblockedbystylesrcstarexpectedhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlblockedbycspstylesrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star-expected.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,7 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests that loading a stylesheet with a file URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div style="background-color: green; height: 128px; width: 128px"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicylinkwithfileurlblockedbystylesrcstarhtmlfromrev202149trunkLayoutTestsfastdomHTMLLinkElementlinkwithfileurlblockedbycspstylesrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star.html (from rev 202149, trunk/LayoutTests/fast/dom/HTMLLinkElement/link-with-file-url-blocked-by-csp-style-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/link-with-file-url-blocked-by-style-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,18 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#test {
+ background-color: green;
+ height: 128px;
+ width: 128px;
+}
+</style>
+<meta http-equiv="Content-Security-Policy" content="style-src *">
+<link rel="stylesheet" href="resources/red-background-color.css">
+</head>
+<body>
+<p>This tests that loading a stylesheet with a file URL is blocked when the page has Content Security Policy &quot;style-src *&quot;. This test PASSED if you see a green square below. Otherwise, it FAILED.</p>
+<div id="test"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyresourcesworkerinheritsblocksevaljsfromrev202149trunkLayoutTestsfastworkersresourcesworkerinheritscspblocksevaljs"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-eval.js (from rev 202149, trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-eval.js) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-eval.js         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-eval.js        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,14 @@
</span><ins>+var exception;
+try {
+ eval("1 + 0");
+} catch (e) {
+ exception = e;
+}
+if (!exception)
+ self.postMessage("FAIL should throw EvalError. But did not throw an exception.");
+else {
+ if (exception instanceof EvalError)
+ self.postMessage("PASS threw exception " + exception + ".");
+ else
+ self.postMessage("FAIL should throw EvalError. Threw exception " + exception + ".");
+}
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyresourcesworkerinheritsblocksxhrjsfromrev202149trunkLayoutTestsfastworkersresourcesworkerinheritscspblocksxhrjs"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-xhr.js (from rev 202149, trunk/LayoutTests/fast/workers/resources/worker-inherits-csp-blocks-xhr.js) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-xhr.js         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/resources/worker-inherits-blocks-xhr.js        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,19 @@
</span><ins>+var exception;
+try {
+ var xhr = new XMLHttpRequest;
+ var isAsynchronous = false;
+ xhr.open("GET", "non-existent-file", isAsynchronous);
+ xhr.send();
+} catch (e) {
+ exception = e;
+}
+
+var expectedExceptionCode = 19; // DOMException.NETWORK_ERR
+if (!exception)
+ self.postMessage("FAIL should throw " + expectedExceptionCode + ". But did not throw an exception.");
+else {
+ if (exception.code === expectedExceptionCode)
+ self.postMessage("PASS threw exception " + exception + ".");
+ else
+ self.postMessage("FAIL should throw " + expectedExceptionCode + ". Threw exception " + exception + ".");
+}
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithbloburlallowedbymediasrcstarexpectedhtmlfromrev202149trunkLayoutTestsmediavideowithbloburlallowedbycspmediasrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star-expected.html (from rev 202149, trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,28 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<script src="media-file.js"></script>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+window.onload = function ()
+{
+ var video = document.getElementById("video");
+ video.onloadedmetadata = testFinished;
+ video.onerror = testFinished;
+ video.src = findMediaFile("video", "content/test");
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a blob URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. To run this test by hand, select a video file. This test PASSED if the video loads and its first frame is shown below. Otherwise, it FAILED.</p>
+<video id="video"></video>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithbloburlallowedbymediasrcstarhtmlfromrev202149trunkLayoutTestsmediavideowithbloburlallowedbycspmediasrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html (from rev 202149, trunk/LayoutTests/media/video-with-blob-url-allowed-by-csp-media-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-blob-url-allowed-by-media-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,54 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="media-src *">
+<script src="../../media/media-file.js"></script>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+var fileInput;
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+function loadVideo(event)
+{
+ var video = document.createElement("video");
+ video.onloadedmetadata = testFinished;
+ video.onerror = testFinished;
+ video.src = window.URL.createObjectURL(event.target.files[0]);
+
+ document.body.removeChild(fileInput);
+ document.body.appendChild(video);
+}
+
+function runTest()
+{
+ if (!window.eventSender)
+ return;
+
+ var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
+ var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
+
+ eventSender.beginDragWithFiles(["../../media/" + findMediaFile("video", "content/test")]);
+ eventSender.mouseMoveTo(x, y);
+ eventSender.mouseUp();
+}
+
+window.onload = function ()
+{
+ fileInput = document.getElementById("file");
+ fileInput.onchange = loadVideo;
+ runTest();
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a blob URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. To run this test by hand, select a video file. This test PASSED if the video loads and its first frame is shown below. Otherwise, it FAILED.</p>
+<input type="file" id="file">
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithdataurlallowedbymediasrcstarexpectedhtmlfromrev202149trunkLayoutTestsmediavideowithdataurlallowedbycspmediasrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star-expected.html (from rev 202149, trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,25 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+video {
+ width: 128px;
+ height: 128px;
+}
+</style>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a data URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a square with a green-to-gray horizontal gradient. Otherwise, it FAILED.</p>
+<video src="data:video/mp4;base64,AAAAGGZ0eXBtcDQyAAAAAW1wNDJtcDQxAAACrW1vb3YAAABsbXZoZAAAAADTABd80wAXfAAAAlgAAAAoAAEAAAEAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAI5dHJhawAAAFx0a2hkAAAAAdMAF3zTABd8AAAAAQAAAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAyAAAAMgAAAAAAJGVkdHMAAAAcZWxzdAAAAAAAAAABAAAAKAAAAAAAAQAAAAABsW1kaWEAAAAgbWRoZAAAAADTABd80wAXfAAAAlgAAAJYFccAAAAAADpoZGxyAAAAAAAAAAB2aWRlAAAAAAAAAAAAAAAAQXBwbGUgVmlkZW8gTWVkaWEgSGFuZGxlcgAAAAFPbWluZgAAABR2bWhkAAAAAQAAAAAAAAAAAAAAJGRpbmYAAAAcZHJlZgAAAAAAAAABAAAADHVybCAAAAABAAABD3N0YmwAAACrc3RzZAAAAAAAAAABAAAAm21wNHYAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAMgAyAEgAAABIAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY//8AAABFZXNkcwAAAAADNwAAHwQvIBEALuAAAH0AAAB9AAUgAAABsPMAAAG1DuBAwM8AAAEAAAABIACEQPooDKAyox8GAQIAAAAYc3R0cwAAAAAAAAABAAAAAQAAAlgAAAAcc3RzYwAAAAAAAAABAAAAAQAAAAEAAAABAAAAFHN0c3oAAAAAAAACxQAAAAEAAAAUc3RjbwAAAAAAAAABAAAC7QA
AAAhmcmVlAAAACGZyZWUAAALdbWRhdAAAAAh3aWRlAAAAAG1kYXQAAAG2EAMJjF7bCAFgRvbfiNzb8MqOhJBwKtkGGQPFwBJgwxJBwKtkGGQPFwBJhh2CkikFCCBi64HxGi1uVcfsItzm5SWWWEAMwPAQHYPB/5YKAHh/9cQgeL/6wGCNbb+PNv4225srB4D+rB4P/DEcHiIBMHi4BkFk2DwH9WDwf+GI4PEQCYPFwDILJwHgILEHg/1sHgIJcHh/4MHgIGUHi/70HwICPB4CCxB4P9bB4CCXB4f+DB4CBlB4v+9B8CAjjbb+Ntv422/ZWDwH9WDwf+GI4PEQCYPFwDILJsHgP6sHg/8MRweIgEweLgGQWTweAgsQeD/WweAglweH/gweAgZQeL/vQfAgI6DwEFPlbB4D9lB4CCN9jP02/B4D+LB4CBdzFbA4raq6DwH+CIUjLUVtK1V+0N8EFhlrsD1r+dx7IOgeB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAiYYMwPA/44KUHhf88A8Hif+Eeg+b/7g3g8D/bg8B/dg8L/hgoweJ/2RJB83/zZGDwP9WDwH+GDwv/GDxUAmOgfNgEWDwP9WDwH+GDwv/GDxUAmOgfNgEW8Hgf8cFKDwv+eAeDxP/CPQfN/98Hgf7cHgP7sHhf8MFGDxP+yJIPm/+bIweB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAi3g8D/jgpQeF/zwDweJ/4R6D5v/vg8D/bg8B/dg8L/hgoweJ/2RJB83/zYSw/H6cS0/y8v+OU7agt+o9nSz09hV6Zg2yRaBW23Hw/H4jD8uEkSC9OOhLHSdUPx0Ox8rbSD8fD9I3GUheXJWLjKZOmZzG1Strcbabyf9ZrjR8Px+Iw/LhJEgvTjoSx0nVD8dDsfK20g/Hw/SNxlIXlyVi4ymTpmcxtUra3G
2m8n/Wa5" oncanplay="testFinished()"></video>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithdataurlallowedbymediasrcstarhtmlfromrev202149trunkLayoutTestsmediavideowithdataurlallowedbycspmediasrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html (from rev 202149, trunk/LayoutTests/media/video-with-data-url-allowed-by-csp-media-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-data-url-allowed-by-media-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,27 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="media-src *">
+<style>
+video {
+ background-color: red;
+ width: 128px;
+ height: 128px;
+}
+</style>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a data URL is allowed when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a square with a green-to-gray horizontal gradient. Otherwise, it FAILED.</p>
+<video src="data:video/mp4;base64,AAAAGGZ0eXBtcDQyAAAAAW1wNDJtcDQxAAACrW1vb3YAAABsbXZoZAAAAADTABd80wAXfAAAAlgAAAAoAAEAAAEAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAI5dHJhawAAAFx0a2hkAAAAAdMAF3zTABd8AAAAAQAAAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAQAAAAAAyAAAAMgAAAAAAJGVkdHMAAAAcZWxzdAAAAAAAAAABAAAAKAAAAAAAAQAAAAABsW1kaWEAAAAgbWRoZAAAAADTABd80wAXfAAAAlgAAAJYFccAAAAAADpoZGxyAAAAAAAAAAB2aWRlAAAAAAAAAAAAAAAAQXBwbGUgVmlkZW8gTWVkaWEgSGFuZGxlcgAAAAFPbWluZgAAABR2bWhkAAAAAQAAAAAAAAAAAAAAJGRpbmYAAAAcZHJlZgAAAAAAAAABAAAADHVybCAAAAABAAABD3N0YmwAAACrc3RzZAAAAAAAAAABAAAAm21wNHYAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAMgAyAEgAAABIAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY//8AAABFZXNkcwAAAAADNwAAHwQvIBEALuAAAH0AAAB9AAUgAAABsPMAAAG1DuBAwM8AAAEAAAABIACEQPooDKAyox8GAQIAAAAYc3R0cwAAAAAAAAABAAAAAQAAAlgAAAAcc3RzYwAAAAAAAAABAAAAAQAAAAEAAAABAAAAFHN0c3oAAAAAAAACxQAAAAEAAAAUc3RjbwAAAAAAAAABAAAC7QA
AAAhmcmVlAAAACGZyZWUAAALdbWRhdAAAAAh3aWRlAAAAAG1kYXQAAAG2EAMJjF7bCAFgRvbfiNzb8MqOhJBwKtkGGQPFwBJgwxJBwKtkGGQPFwBJhh2CkikFCCBi64HxGi1uVcfsItzm5SWWWEAMwPAQHYPB/5YKAHh/9cQgeL/6wGCNbb+PNv4225srB4D+rB4P/DEcHiIBMHi4BkFk2DwH9WDwf+GI4PEQCYPFwDILJwHgILEHg/1sHgIJcHh/4MHgIGUHi/70HwICPB4CCxB4P9bB4CCXB4f+DB4CBlB4v+9B8CAjjbb+Ntv422/ZWDwH9WDwf+GI4PEQCYPFwDILJsHgP6sHg/8MRweIgEweLgGQWTweAgsQeD/WweAglweH/gweAgZQeL/vQfAgI6DwEFPlbB4D9lB4CCN9jP02/B4D+LB4CBdzFbA4raq6DwH+CIUjLUVtK1V+0N8EFhlrsD1r+dx7IOgeB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAiYYMwPA/44KUHhf88A8Hif+Eeg+b/7g3g8D/bg8B/dg8L/hgoweJ/2RJB83/zZGDwP9WDwH+GDwv/GDxUAmOgfNgEWDwP9WDwH+GDwv/GDxUAmOgfNgEW8Hgf8cFKDwv+eAeDxP/CPQfN/98Hgf7cHgP7sHhf8MFGDxP+yJIPm/+bIweB/qweA/wweF/4weKgEx0D5sAiweB/qweA/wweF/4weKgEx0D5sAi3g8D/jgpQeF/zwDweJ/4R6D5v/vg8D/bg8B/dg8L/hgoweJ/2RJB83/zYSw/H6cS0/y8v+OU7agt+o9nSz09hV6Zg2yRaBW23Hw/H4jD8uEkSC9OOhLHSdUPx0Ox8rbSD8fD9I3GUheXJWLjKZOmZzG1Strcbabyf9ZrjR8Px+Iw/LhJEgvTjoSx0nVD8dDsfK20g/Hw/SNxlIXlyVi4ymTpmcxtUra3G
2m8n/Wa5" oncanplay="testFinished()" onerror="testFinished()"></video>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlallowedbymediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtmlfromrev202149trunkLayoutTestsmediavideowithfileurlallowedbycspmediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html (from rev 202149, trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,31 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<script src="../../media/media-file.js"></script>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+window.onload = function ()
+{
+ var video = document.getElementById("video");
+ video.oncanplaythrough = function () {
+ // Use a zero timer to ensure that the first frame of the video is drawn.
+ window.setTimeout(testFinished, 0);
+ }
+ video.onerror = testFinished;
+ video.src = "../../media/" + findMediaFile("video", "content/test");
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a file URL is allowed when the page has Content Security Policy &quot;media-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if the video loads. Otherwise, it FAILED.</p>
+<video id="video"></video>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlallowedbymediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtmlfromrev202149trunkLayoutTestsmediavideowithfileurlallowedbycspmediasrcstarwithAllowContentSecurityPolicySourceStarToMatchAnyProtocolenabledhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html (from rev 202149, trunk/LayoutTests/media/video-with-file-url-allowed-by-csp-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star-with-AllowContentSecurityPolicySourceStarToMatchAnyProtocol-enabled.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,35 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="media-src *">
+<script src="../../media/media-file.js"></script>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+if (window.internals && window.internals.settings)
+ internals.settings.setAllowContentSecurityPolicySourceStarToMatchAnyProtocol(true);
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+window.onload = function ()
+{
+ var video = document.getElementById("video");
+ video.oncanplaythrough = function () {
+ // Use a zero timer to ensure that the first frame of the video is drawn.
+ window.setTimeout(testFinished, 0);
+ }
+ video.onerror = testFinished;
+ video.src = "../../media/" + findMediaFile("video", "content/test");
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a file URL is allowed when the page has Content Security Policy &quot;media-src *&quot; and the WebKit setting AllowContentSecurityPolicySourceStarToMatchAnyProtocol is enabled. This test PASSED if the video loads. Otherwise, it FAILED.</p>
+<video id="video"></video>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlblockedbymediasrcstarexpectedhtmlfromrev202149trunkLayoutTestsmediavideowithfileurlblockedbycspmediasrcstarexpectedhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star-expected.html (from rev 202149, trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star-expected.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star-expected.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star-expected.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,16 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<style>
+#equivalent-expected-result {
+ background-color: green;
+ width: 128px;
+ height: 128px;
+}
+</style>
+</head>
+<body>
+<p>This tests that loading a video with a file URL is blocked when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a solid green square. Otherwise, it FAILED.</p>
+<div id="equivalent-expected-result"></div>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyvideowithfileurlblockedbymediasrcstarhtmlfromrev202149trunkLayoutTestsmediavideowithfileurlblockedbycspmediasrcstarhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star.html (from rev 202149, trunk/LayoutTests/media/video-with-file-url-blocked-by-csp-media-src-star.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/video-with-file-url-blocked-by-media-src-star.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,39 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="media-src *">
+<style>
+video {
+ background-color: green;
+ width: 128px;
+ height: 128px;
+}
+</style>
+<script src="../../media/media-file.js"></script>
+<script>
+if (window.testRunner)
+ testRunner.waitUntilDone();
+
+function testFinished()
+{
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+window.onload = function ()
+{
+ var video = document.getElementById("video");
+ video.oncanplaythrough = function () {
+ // Use a zero timer to ensure that the first frame of the video is drawn.
+ window.setTimeout(testFinished, 0);
+ }
+ video.onerror = testFinished;
+ video.src = "../../media/" + findMediaFile("video", "content/test");
+}
+</script>
+</head>
+<body>
+<p>This tests that loading a video with a file URL is blocked when the page has Content Security Policy &quot;media-src *&quot;. This test PASSED if you see a solid green square. Otherwise, it FAILED.</p>
+<video id="video"></video>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksevalexpectedtxtfromrev202149trunkLayoutTestsfastworkersworkerinheritscspblocksevalexpectedtxt"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval-expected.txt (from rev 202149, trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval-expected.txt) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval-expected.txt         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from using eval() because the parent's CSP does not list unsafe-eval in script-src.
+
+PASS threw exception EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'unsafe-inline'".
+.
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksevalhtmlfromrev202149trunkLayoutTestsfastworkersworkerinheritscspblocksevalhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval.html (from rev 202149, trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-eval.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-eval.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,32 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'">
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+}
+</script>
+</head>
+<body>
+<p>This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from using <code>eval()</code> because the parent's CSP does not list <code>unsafe-eval</code> in script-src.</p>
+<pre id="result"></pre>
+<script>
+window.onmessage = function (event)
+{
+ document.getElementById("result").textContent = event.data;
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+var worker;
+try {
+ worker = new Worker("resources/worker-inherits-blocks-eval.js");
+ worker.onmessage = function (event) { window.postMessage(event.data, "*") };
+} catch (exception) {
+ window.postMessage("FAIL should not have thrown an exception when creating worker. Threw exception " + exception + ".", "*");
+}
+</script>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksxhrexpectedtxtfromrev202149trunkLayoutTestsfastworkersworkerinheritscspblocksxhrexpectedtxt"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr-expected.txt (from rev 202149, trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr-expected.txt) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr-expected.txt         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr-expected.txt        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,4 @@
</span><ins>+CONSOLE MESSAGE: Refused to connect to non-existent-file because it does not appear in the connect-src directive of the Content Security Policy.
+This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from making an XHR request because the parent's CSP contains "connect-src 'none'"
+
+PASS threw exception Error: NetworkError: DOM Exception 19.
</ins></span></pre></div>
<a id="trunkLayoutTestssecuritycontentSecurityPolicyworkerinheritsblocksxhrhtmlfromrev202149trunkLayoutTestsfastworkersworkerinheritscspblocksxhrhtml"></a>
<div class="copfile"><h4>Copied: trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr.html (from rev 202149, trunk/LayoutTests/fast/workers/worker-inherits-csp-blocks-xhr.html) (0 => 202150)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr.html         (rev 0)
+++ trunk/LayoutTests/security/contentSecurityPolicy/worker-inherits-blocks-xhr.html        2016-06-17 00:45:42 UTC (rev 202150)
</span><span class="lines">@@ -0,0 +1,32 @@
</span><ins>+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'; connect-src 'none'">
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+}
+</script>
+</head>
+<body>
+<p>This tests that the Content Security Policy (CSP) of the owner document (this page) blocks a file-URL Web Worker from making an XHR request because the parent's CSP contains &quot;connect-src 'none'&quot;</p>
+<pre id="result"></pre>
+<script>
+window.onmessage = function (event)
+{
+ document.getElementById("result").textContent = event.data;
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+
+var worker;
+try {
+ worker = new Worker("resources/worker-inherits-blocks-xhr.js");
+ worker.onmessage = function (event) { window.postMessage(event.data, "*") };
+} catch (exception) {
+ window.postMessage("FAIL should not have thrown an exception when creating worker. Threw exception " + exception + ".", "*");
+}
+</script>
+</body>
+</html>
</ins></span></pre>
</div>
</div>
</body>
</html>