From df996dfcecb8de0077e33b36ed129bf9e7b840bb Mon Sep 17 00:00:00 2001
From: lyavor <lyavor@mozilla.com>
Date: Tue, 13 Dec 2022 11:57:01 +0000
Subject: [PATCH] Bug 1672106 - enable mixed content level 2 in beta and
nightly. r=freddyb,necko-reviewers,kershaw
Differential Revision: https://phabricator.services.mozilla.com/D160885
---
modules/libpref/init/StaticPrefList.yaml | 2 +-
netwerk/test/browser/browser_103_preload.js | 5 +++++
.../css-images.https.sub.tentative.html.ini | 22 +++++++++++++++++++
.../element-audio.https.sub.html.ini | 10 +++++++++
.../generated/element-img.https.sub.html.ini | 9 ++++++++
.../element-input-image.https.sub.html.ini | 6 +++++
.../element-input-image.sub.html.ini | 7 +++++-
.../element-video-poster.https.sub.html.ini | 20 +++++++++++++++++
.../element-video-poster.sub.html.ini | 5 +++++
.../element-video.https.sub.html.ini | 12 +++++++++-
.../generated/svg-image.https.sub.html.ini | 5 +++++
11 files changed, 100 insertions(+), 3 deletions(-)
create mode 100644 testing/web-platform/meta/fetch/metadata/generated/element-input-image.https.sub.html.ini
create mode 100644 testing/web-platform/meta/fetch/metadata/generated/element-video-poster.https.sub.html.ini
diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml
index f0b624af46bc5..e5f1b142cca0c 100644
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -12867,7 +12867,7 @@
# Pref for mixed display content upgrading (images, audio, video).
- name: security.mixed_content.upgrade_display_content
type: bool
- value: false
+ value: @IS_NIGHTLY_BUILD@
mirror: always
# Whether strict file origin policy is in effect. "False" is traditional.
diff --git a/netwerk/test/browser/browser_103_preload.js b/netwerk/test/browser/browser_103_preload.js
index 32fc1e2724ab7..b177297ba57bb 100644
--- a/netwerk/test/browser/browser_103_preload.js
+++ b/netwerk/test/browser/browser_103_preload.js
@@ -5,6 +5,11 @@
"use strict";
Services.prefs.setBoolPref("network.early-hints.enabled", true);
+// Disable mixed-content upgrading as this test is expecting HTTP image loads
+Services.prefs.setBoolPref(
+ "security.mixed_content.upgrade_display_content",
+ false
+);
const {
request_count_checking,
diff --git a/testing/web-platform/meta/fetch/metadata/generated/css-images.https.sub.tentative.html.ini b/testing/web-platform/meta/fetch/metadata/generated/css-images.https.sub.tentative.html.ini
index 8425f5bdf3f98..342f3199936c7 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/css-images.https.sub.tentative.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/css-images.https.sub.tentative.html.ini
@@ -50,3 +50,25 @@
[background-image sec-fetch-dest]
expected: TIMEOUT
+
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
+
+ [border-image sec-fetch-site - HTTPS downgrade-upgrade]
+ expected:
+ if nightly_build: FAIL
+
+ [content sec-fetch-site - HTTPS downgrade-upgrade]
+ expected:
+ if nightly_build: FAIL
+
+ [cursor sec-fetch-site - HTTPS downgrade-upgrade]
+ expected:
+ if nightly_build: FAIL
+
+ [list-style-image sec-fetch-site - HTTPS downgrade-upgrade]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-audio.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-audio.https.sub.html.ini
index 1994656dafd0b..78e7ab7fd8c7f 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/element-audio.https.sub.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-audio.https.sub.html.ini
@@ -1,3 +1,13 @@
[element-audio.https.sub.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
+
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
+
+ [sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-img.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-img.https.sub.html.ini
index 35640c554a5fb..7c8970d8d01bd 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/element-img.https.sub.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-img.https.sub.html.ini
@@ -1,3 +1,12 @@
[element-img.https.sub.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
+
+ [sec-fetch-site - src - HTTPS downgrade-upgrade, no attributes]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-input-image.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-input-image.https.sub.html.ini
new file mode 100644
index 0000000000000..17be64354138d
--- /dev/null
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-input-image.https.sub.html.ini
@@ -0,0 +1,6 @@
+[element-input-image.https.sub.html]
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-input-image.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-input-image.sub.html.ini
index 7cfc2ed34d8d7..88d771548143b 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/element-input-image.sub.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-input-image.sub.html.ini
@@ -1,3 +1,8 @@
[element-input-image.sub.html]
expected:
- if (os == "android") and fission: [OK, TIMEOUT]
+ if (os == "android") and fission: [TIMEOUT, OK]
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.https.sub.html.ini
new file mode 100644
index 0000000000000..73780d4094c36
--- /dev/null
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.https.sub.html.ini
@@ -0,0 +1,20 @@
+[element-video-poster.https.sub.html]
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ expected:
+ if nightly_build: TIMEOUT
+ [sec-fetch-site - HTTPS downgrade-upgrade]
+ expected:
+ if nightly_build: TIMEOUT
+
+ [sec-fetch-mode]
+ expected:
+ if nightly_build: NOTRUN
+
+ [sec-fetch-dest]
+ expected:
+ if nightly_build: NOTRUN
+
+ [sec-fetch-user]
+ expected:
+ if nightly_build: NOTRUN
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.sub.html.ini
index f63603236e55a..3f9f22ea11c78 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.sub.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-video-poster.sub.html.ini
@@ -1,3 +1,8 @@
[element-video-poster.sub.html]
expected:
if (os == "android") and fission: [OK, TIMEOUT]
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/element-video.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/element-video.https.sub.html.ini
index 56cc7d4183a10..f1759a8d7d3f9 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/element-video.https.sub.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/element-video.https.sub.html.ini
@@ -1,3 +1,13 @@
[element-video.https.sub.html]
expected:
- if (os == "android") and fission: [OK, TIMEOUT]
+ if (os == "android") and fission: [TIMEOUT, OK]
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ # Which is only enabled for nightly.
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
+
+ [sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
+ expected:
+ if nightly_build: FAIL
diff --git a/testing/web-platform/meta/fetch/metadata/generated/svg-image.https.sub.html.ini b/testing/web-platform/meta/fetch/metadata/generated/svg-image.https.sub.html.ini
index a1a419c8de0ed..51db42a9d74cc 100644
--- a/testing/web-platform/meta/fetch/metadata/generated/svg-image.https.sub.html.ini
+++ b/testing/web-platform/meta/fetch/metadata/generated/svg-image.https.sub.html.ini
@@ -12,3 +12,8 @@
[sec-fetch-dest no attributes]
expected: FAIL
+ # Mixed content level 2 is upgrading resources like audio, img and video. For that reason we expect it to fail.
+ # See https://github.com/web-platform-tests/wpt/issues/37080
+ [sec-fetch-site - HTTPS downgrade-upgrade no attributes]
+ expected:
+ if nightly_build: FAIL
--
GitLab