[webkit-changes] [WebKit/WebKit] dbc4c9: [Site Isolation] Fix macOS SI mixed content test f...

[Ruthvik Konda]

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: dbc4c9cf299a895d33426e3eb6be8011ef082495
      
https://github.com/WebKit/WebKit/commit/dbc4c9cf299a895d33426e3eb6be8011ef082495
  Author: Ruthvik Konda <rkon...@apple.com>
  Date:   2025-12-10 (Wed, 10 Dec 2025)

  Changed paths:
    M 
LayoutTests/http/tests/security/mixedContent/data-url-script-in-iframe-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/data-url-script-in-iframe.html
    M 
LayoutTests/http/tests/security/mixedContent/empty-url-plugin-in-frame-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/empty-url-plugin-in-frame.html
    M 
LayoutTests/http/tests/security/mixedContent/insecure-css-in-iframe-expected.txt
    M LayoutTests/http/tests/security/mixedContent/insecure-css-in-iframe.html
    M 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-iframe-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-iframe.html
    M 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent.html
    M 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent.html
    M 
LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-UpgradeMixedContent-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-UpgradeMixedContent.html
    M 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame.html
    M 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-UpgradeMixedContent-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-UpgradeMixedContent.html
    M 
LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-UpgradeMixedContent-expected.txt
    M 
LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-UpgradeMixedContent.html
    M 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-empty-url-plugin.html
    M 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css.html
    M 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-frame.html
    M 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-iframe.html
    M 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-http-to-https-frame.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-css-in-iframe-expected.txt
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-css-in-iframe.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-iframe-expected.txt
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-iframe.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent-expected.txt
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent-expected.txt
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-image-in-iframe-UpgradeMixedContent-expected.txt
    R 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-image-in-iframe-UpgradeMixedContent.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt
    R 
LayoutTests/http/tests/site-isolation/mixedContent/redirect-http-to-https-iframe-in-main-frame.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-insecure-css.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-insecure-frame.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-insecure-iframe.html
    R 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-redirect-http-to-https-frame.html
    M LayoutTests/platform/ios-site-isolation/TestExpectations
    M LayoutTests/platform/mac-site-isolation/TestExpectations
    R 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-iframe-in-iframe-expected.txt
    R 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent-expected.txt
    R 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent-expected.txt
    R 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-image-in-iframe-UpgradeMixedContent-expected.txt
    R 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-UpgradeMixedContent-expected.txt
    R 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-UpgradeMixedContent-expected.txt
    R 
LayoutTests/platform/wk2/http/tests/security/mixedContent/data-url-script-in-iframe-expected.txt
    R 
LayoutTests/platform/wk2/http/tests/security/mixedContent/empty-url-plugin-in-frame-expected.txt
    R 
LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-css-in-iframe-expected.txt
    R 
LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt

  Log Message:
  -----------
  [Site Isolation] Fix macOS SI mixed content test failures
https://bugs.webkit.org/show_bug.cgi?id=303862
rdar://166160126

Reviewed by Sihui Liu.

Most of these mixed content tests were failing with SI on because with site 
isolation on, frame load order output
is less deterministic. Frame load callbacks are currently present in a lot of 
mixed content tests because the tests were
written 15+ years ago (for example, https://commits.webkit.org/39853@main). In 
the past, the frame load output was probably
used for debugging or another reason when WKTR infrastructure was different. 
Today, the frame load callbacks do not contribute
anything useful to mixed content tests and they should be removed. The actual 
upgrade/block mechanism of mixed content is tested
via the mixed content violation console message in the expected.txt.

A few other tests were timing out because when resource loads are blocked, 
onload doesn't fire leading to timeouts.
This is tracked in rdar://161348735. We fix this by using settimeout instead 
for now. The timeout is set to 2000ms to compensate
for slower EWS configs and to allow us to catch regressions where mixed content 
is incorrectly fully loaded.
https://github.com/WebKit/WebKit/pull/51676 already did a lot of this work by 
creating copies of existing mixed content tests for
SI. But now that post commit SI bot runs correctly (runs existing tests with SI 
on), these copies are now unnecessary so
we delete them.

* 
LayoutTests/http/tests/security/mixedContent/data-url-script-in-iframe-expected.txt:
* LayoutTests/http/tests/security/mixedContent/data-url-script-in-iframe.html:
* 
LayoutTests/http/tests/security/mixedContent/empty-url-plugin-in-frame-expected.txt:
* LayoutTests/http/tests/security/mixedContent/empty-url-plugin-in-frame.html:
* 
LayoutTests/http/tests/security/mixedContent/insecure-css-in-iframe-expected.txt:
* LayoutTests/http/tests/security/mixedContent/insecure-css-in-iframe.html:
* 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-iframe-expected.txt:
* LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-iframe.html:
* 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent-expected.txt:
* 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent.html:
* 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent-expected.txt:
* 
LayoutTests/http/tests/security/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent.html:
* 
LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-UpgradeMixedContent-expected.txt:
* 
LayoutTests/http/tests/security/mixedContent/insecure-image-in-iframe-UpgradeMixedContent.html:
* 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt:
* 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame.html:
* 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-UpgradeMixedContent-expected.txt:
* 
LayoutTests/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-UpgradeMixedContent.html:
* 
LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-UpgradeMixedContent-expected.txt:
* 
LayoutTests/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-UpgradeMixedContent.html:
* 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-empty-url-plugin.html:
* 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-css.html:
* 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-frame.html:
* 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-insecure-iframe.html:
* 
LayoutTests/http/tests/security/mixedContent/resources/frame-with-redirect-http-to-https-frame.html:
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-css-in-iframe-expected.txt:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-css-in-iframe.html: 
Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-iframe-expected.txt:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-iframe.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-image-in-iframe-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/insecure-image-in-iframe-UpgradeMixedContent.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/redirect-http-to-https-iframe-in-main-frame.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-insecure-css.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-insecure-frame.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-insecure-iframe.html:
 Removed.
* 
LayoutTests/http/tests/site-isolation/mixedContent/resources/frame-with-redirect-http-to-https-frame.html:
 Removed.
* LayoutTests/platform/ios-site-isolation/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-iframe-in-iframe-expected.txt:
 Removed.
* 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-iframe-in-main-frame-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-iframe-in-sandboxed-iframe-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/insecure-image-in-iframe-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/redirect-http-to-https-script-in-iframe-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/platform/mac-wk1/http/tests/security/mixedContent/redirect-https-to-http-script-in-iframe-UpgradeMixedContent-expected.txt:
 Removed.
* 
LayoutTests/platform/wk2/http/tests/security/mixedContent/data-url-script-in-iframe-expected.txt:
 Removed.
* 
LayoutTests/platform/wk2/http/tests/security/mixedContent/empty-url-plugin-in-frame-expected.txt:
 Removed.
* 
LayoutTests/platform/wk2/http/tests/security/mixedContent/insecure-css-in-iframe-expected.txt:
 Removed.
* 
LayoutTests/platform/wk2/http/tests/security/mixedContent/redirect-http-to-https-iframe-in-main-frame-expected.txt:
 Removed.

Canonical link: https://commits.webkit.org/304243@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications