The test LayoutTests/http/tests/security/contentSecurityPolicy/media-src-track-block.html will always pass regardless of presence of the Content Security Policy <meta> tag in it because the referenced external text track file, <http://trac.webkit.org/browser/trunk/LayoutTests/http/tests/security/contentSecurityPolicy/resources/track.vtt?rev=138820>, is not a valid WebVTT-formatted file. Steps to reproduce: 1. Run, Tools/Scripts/run-webkit-tests LayoutTests/http/tests/security/contentSecurityPolicy/media-src-track-block.html Notice that the test passes. 2. Open the file LayoutTests/http/tests/security/contentSecurityPolicy/media-src-track-block.html in a text editor, remove the following line, and save the file: <meta http-equiv="Content-Security-Policy" content="media-src 'none'"> LayoutTests/http/tests/security/contentSecurityPolicy/media-src-track-block.html 3. Run, Tools/Scripts/run-webkit-tests LayoutTests/http/tests/security/contentSecurityPolicy/media-src-track-block.html Notice that the test passes. But it should fail with JavaScript alert "FAIL".
By <https://html.spec.whatwg.org/multipage/embedded-content.html#text-track-failed-to-load>, "failed to load" for an external text track "indicates that the text track was enabled, but when the user agent attempted to obtain it, this failed in some way (e.g. URL could not be resolved, network error, unknown text track format). Some or all of the cues are likely missing and will not be obtained." In particular, an external text track is considered to have "failed to load" if it has an "unknown text track format".
Created attachment 255470 [details] Patch
Comment on attachment 255470 [details] Patch Clearing flags on attachment: 255470 Committed r185910: <http://trac.webkit.org/changeset/185910>
All reviewed patches have been landed. Closing bug.