File: iframe-top-navigation-upgrade-meta.sub.html

package info (click to toggle)

thunderbird 1%3A128.14.0esr-1~deb13u1

links: PTS, VCS
area: main
in suites: trixie
size: 4,334,960 kB
sloc: cpp: 7,391,917; javascript: 5,617,271; ansic: 3,833,216; python: 1,230,742; xml: 619,690; asm: 456,020; java: 179,892; sh: 118,796; makefile: 21,906; perl: 14,825; objc: 12,399; yacc: 4,583; pascal: 2,973; lex: 1,720; ruby: 1,190; exp: 762; sql: 674; awk: 580; php: 436; lisp: 430; sed: 70; csh: 10

file content (31 lines) | stat: -rw-r--r-- 1,356 bytes

parent folder | download | duplicates (31)

<html>
  <head>
    <title>Upgrade Insecure Requests: top-frame navigation inside iframe (upgrade expected)</title>
    <script>
      function iframe_onload() {
        var iframe = document.getElementsByTagName("iframe")[0];
        iframe.onload = null;

        // Enable upgrade-insecure-requests dynamically.
        var meta = document.createElement('meta');
        meta.httpEquiv = "Content-Security-Policy";
        meta.content = "upgrade-insecure-requests";
        document.getElementsByTagName('head')[0].appendChild(meta);

        // This is a bit of a hack. UPGRADE doesn't upgrade the port number,
        // so we specify this non-existent URL ('http' over port https port). If
        // UPGRADE doesn't work, it won't load. The expected behavior is that
        // the url is upgraded and the page loads.
        iframe.src =
          "https://{{domains[www]}}:{{ports[https][0]}}/upgrade-insecure-requests/link-upgrade/resources/navigate-top-frame.sub.html?url=http://{{host}}:{{ports[https][0]}}/upgrade-insecure-requests/link-upgrade/resources/post-message-to-opener.sub.html%3Fmessage=iframe-top-navigation-upgrade-meta"
      }
    </script>
  </head>
  <body>
    <iframe
      sandbox = "allow-scripts allow-top-navigation"
      src = "./resources/dummy.html"
      onload = "iframe_onload()"
    ></iframe>
  </body>
</html>