From 8277ab37b8f87edd8871a0754e8a833dcf8924c8 Mon Sep 17 00:00:00 2001
From: "pamg@google.com" <pamg@google.com@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Tue, 9 Dec 2008 21:49:54 +0000
Subject: Remove pending http security tests that have been fixed in the
 mainline versions and update tests_fixable.txt correspondingly.

BUG=4391
TEST=covered by layout tests
Review URL: http://codereview.chromium.org/11016

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@6632 0039d316-1c4b-4281-b951-d872f2087c98
---
 .../pending/http/tests/misc/README.txt             |   5 -
 .../frame-default-enc-same-domain-expected.txt     |   1 -
 .../tests/misc/frame-default-enc-same-domain.html  |  14 ---
 .../misc/resources/frame-default-enc-frame.html    |  17 ---
 .../pending/http/tests/security/README             |  12 --
 ...frame-access-child-explicit-domain-expected.txt |  10 --
 .../cross-frame-access-child-explicit-domain.html  |  17 ---
 .../cross-frame-access-frames-expected.txt         |  11 --
 .../tests/security/cross-frame-access-frames.html  |  30 -----
 ...rame-access-parent-explicit-domain-expected.txt |  10 --
 .../cross-frame-access-parent-explicit-domain.html |  19 ---
 .../security/cross-frame-access-port-expected.txt  |  10 --
 ...-frame-access-port-explicit-domain-expected.txt |  12 --
 .../cross-frame-access-port-explicit-domain.html   |  20 ---
 .../tests/security/cross-frame-access-port.html    |  16 ---
 .../cross-frame-access-protocol-expected.txt       |  10 --
 ...me-access-protocol-explicit-domain-expected.txt |  12 --
 ...ross-frame-access-protocol-explicit-domain.html |  20 ---
 .../security/cross-frame-access-protocol.html      |  16 ---
 .../pending/http/tests/security/pass-expected.txt  |   1 -
 .../pending/http/tests/security/pass.html          |  13 --
 .../protocol-compare-case-insensitive-expected.txt |  10 --
 .../protocol-compare-case-insensitive.html         |  16 ---
 .../tests/security/resources/cross-frame-access.js | 134 ---------------------
 .../resources/cross-frame-iframe-for-get-test.html |   7 --
 ...ross-frame-iframe-with-explicit-domain-set.html |  11 --
 .../security/resources/cross-frame-iframe.html     |  15 ---
 .../layout_tests/test_lists/tests_fixable.txt      |  20 ++-
 28 files changed, 9 insertions(+), 480 deletions(-)
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/misc/README.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/misc/resources/frame-default-enc-frame.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/README
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/pass-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/pass.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive-expected.txt
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-access.js
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-for-get-test.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-with-explicit-domain-set.html
 delete mode 100644 webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe.html

diff --git a/webkit/data/layout_tests/pending/http/tests/misc/README.txt b/webkit/data/layout_tests/pending/http/tests/misc/README.txt
deleted file mode 100644
index 44517c6b..0000000
--- a/webkit/data/layout_tests/pending/http/tests/misc/README.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-frame-default-enc-same-domain.html
-resources/frame-default-enc-frame.html
--------------------------------------------
-This test should be removed once the patch for webkit bug 21581
-(https://bugs.webkit.org/show_bug.cgi?id=21581) is accepted in the upstream.
diff --git a/webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain-expected.txt b/webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain-expected.txt
deleted file mode 100644
index d1ab9e3..0000000
--- a/webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain-expected.txt
+++ /dev/null
@@ -1 +0,0 @@
-ALERT: windows-1256
diff --git a/webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain.html b/webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain.html
deleted file mode 100644
index 5ef955a..0000000
--- a/webkit/data/layout_tests/pending/http/tests/misc/frame-default-enc-same-domain.html
+++ /dev/null
@@ -1,14 +0,0 @@
-<html>
-<head>
-<meta http-equiv="content-type" content="text/html; charset=windows-1256">
-<title>Frames and encodings</title>
-<script>
-if (window.layoutTestController)
-    layoutTestController.dumpAsText();
-</script>
-</head>
-<frameset rows="0,*">
-    <frame src="about:" scrolling=no marginwidth=0 marginheight=0>
-    <frame src="resources/frame-default-enc-frame.html">
-</frameset>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/misc/resources/frame-default-enc-frame.html b/webkit/data/layout_tests/pending/http/tests/misc/resources/frame-default-enc-frame.html
deleted file mode 100644
index 5cd955a..0000000
--- a/webkit/data/layout_tests/pending/http/tests/misc/resources/frame-default-enc-frame.html
+++ /dev/null
@@ -1,17 +0,0 @@
-<html>
-<head>
-<title>Frame</title>
-</head>
-<body>
-<script>
-    chs = document.inputEncoding;
-    if (!chs)
-        chs = document.charset;
-    if (!chs)
-        chs = document.characterSet;
-
-    alert(chs);
-</script>
-
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/README b/webkit/data/layout_tests/pending/http/tests/security/README
deleted file mode 100644
index 6b63383..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/README
+++ /dev/null
@@ -1,12 +0,0 @@
-cross-frame-access-frames.html: added a check to make sure that
-targetWindow.frames.private is undefined.
-
-cross-frame-access-child-explicit-domain.html
-cross-frame-access-parent-explicit-domain.html
-cross-frame-access-port-explicit-domain.html
-cross-frame-access-port.html
-cross-frame-access-protocol-explicit-domain.html
-cross-frame-access-protocol.html
-protocol-compare-case-insensitive.html
-----------------------------------------------------------------------
-Forked users of flakey can/cannotAccessFrame.  Bug 1143337.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt
deleted file mode 100644
index ef8b34a..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain-expected.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:9000/security/resources/cross-frame-iframe-with-explicit-domain-set.html from frame with URL http://127.0.0.1:9000/security/cross-frame-access-child-explicit-domain.html. Domains, protocols and ports must match.
-
-
-PASS: Cross frame access to frame explicitly setting document.domain was denied.
-
-
---------
-Frame: 'aFrame'
---------
-Inner iframe with explicit document.domain set.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain.html
deleted file mode 100644
index 341da38..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-child-explicit-domain.html
+++ /dev/null
@@ -1,17 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    var url = "http://127.0.0.1:9000/security/resources/cross-frame-iframe-with-explicit-domain-set.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Cross frame access to frame explicitly setting document.domain was denied.";
-    var failMessage = "Fail: Cross frame access to frame explicitly setting document.domain was allowed.";
-    cannotAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
-<html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames-expected.txt
deleted file mode 100644
index 6bf5e34..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames-expected.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://localhost:9000/security/resources/cross-frame-iframe-for-get-test.html from frame with URL http://127.0.0.1:9000/security/cross-frame-access-frames.html. Domains, protocols and ports must match.
-
-
-
------ tests for getting/setting the frames array access and the properties associated with it -----
-
-PASS: targetWindow.frames.length should be '1' and is.
-PASS: canGet('targetWindow.frames[0]') should be 'true' and is.
-PASS: canGet('targetWindow[0]') should be 'true' and is.
-PASS: targetWindow.frames.private should be 'undefined' and is.
-
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames.html
deleted file mode 100644
index 4fcb8516..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-frames.html
+++ /dev/null
@@ -1,30 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<iframe src="http://localhost:9000/security/resources/cross-frame-iframe-for-get-test.html" style=""></iframe>
-<pre id="console"></pre>
-<script>
-
-window.targetWindow = frames[0];
-
-window.onload = function()
-{
-    if (window.layoutTestController)
-        layoutTestController.dumpAsText();
-
-    log("\n----- tests for getting/setting the frames array access and the properties associated with it -----\n");
-
-    // frames array
-    shouldBe("targetWindow.frames.length", 1);
-    shouldBeTrue("canGet('targetWindow.frames[0]')");
-    shouldBeTrue("canGet('targetWindow[0]')");
-    shouldBe("targetWindow.frames.private", undefined);
-
-    // Work around DRT bug that causes subsequent tests to fail.
-    window.stop();
-}
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt
deleted file mode 100644
index 3fbaeb3..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain-expected.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:9000/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:9000/security/cross-frame-access-parent-explicit-domain.html. Domains, protocols and ports must match.
-
-
-PASS: Cross frame access from frame explicitly setting document.domain was denied.
-
-
---------
-Frame: 'aFrame'
---------
-Inner iframe.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain.html
deleted file mode 100644
index 716a139..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-parent-explicit-domain.html
+++ /dev/null
@@ -1,19 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    // Explicitly set the domain.
-    document.domain = "127.0.0.1";
-
-    var url = "http://127.0.0.1:9000/security/resources/cross-frame-iframe.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Cross frame access from frame explicitly setting document.domain was denied.";
-    var failMessage = "Fail: Cross frame access from frame explicitly setting document.domain was allowed.";
-    cannotAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-expected.txt
deleted file mode 100644
index b2e06e8..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-expected.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL http://127.0.0.1:9080/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:9000/security/cross-frame-access-port.html. Domains, protocols and ports must match.
-
-
-PASS: Cross frame access to different port was denied!
-
-
---------
-Frame: 'aFrame'
---------
-Inner iframe.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain-expected.txt
deleted file mode 100644
index a0a4330..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain-expected.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-This test currently fails because we check the port and protocol even if document.domain is explicitly set (rdar://problem/5366437).
-
-
-PASS: Cross frame access to a different port, after explicitly setting document.domain, was allowed!
-
-
---------
-Frame: 'aFrame'
---------
-PASS: Cross frame access to a different port, after explicitly setting document.domain, was allowed!
-
-Inner iframe with explicit document.domain set.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain.html
deleted file mode 100644
index fb9afa8..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port-explicit-domain.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<p>This test currently fails because we check the port and protocol even if document.domain is explicitly set (rdar://problem/5366437).</p> 
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    // Explicitly set the domain.
-    document.domain = "127.0.0.1";
-
-    var url = "http://127.0.0.1:9080/security/resources/cross-frame-iframe-with-explicit-domain-set.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Cross frame access to a different port, after explicitly setting document.domain, was allowed!";
-    var failMessage = "Fail: Cross frame access to a different port, after explicitly setting document.domain, was denied.";
-    canAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port.html
deleted file mode 100644
index 9b3a4ad..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-port.html
+++ /dev/null
@@ -1,16 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    var url = "http://127.0.0.1:9080/security/resources/cross-frame-iframe.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Cross frame access to different port was denied!";
-    var failMessage = "FAIL: Cross frame access to a different port was allowed.";
-    cannotAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-expected.txt
deleted file mode 100644
index 7185e21..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-expected.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL https://127.0.0.1:9443/security/resources/cross-frame-iframe.html from frame with URL http://127.0.0.1:9000/security/cross-frame-access-protocol.html. Domains, protocols and ports must match.
-
-
-PASS: Cross frame access to https from http was denied!
-
-
---------
-Frame: 'aFrame'
---------
-Inner iframe.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt
deleted file mode 100644
index cbfbee9..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain-expected.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-CONSOLE MESSAGE: line 1: Unsafe JavaScript attempt to access frame with URL https://127.0.0.1:9443/security/resources/cross-frame-iframe-with-explicit-domain-set.html from frame with URL http://127.0.0.1:9000/security/cross-frame-access-protocol-explicit-domain.html. Domains, protocols and ports must match.
-
-This test currently fails because we check the port and protocol even if document.domain is explicitly set (rdar://problem/5366437).
-
-
-PASS: Cross frame access to https from http, after explicitly setting document.domain, was denied.
-
-
---------
-Frame: 'aFrame'
---------
-Inner iframe with explicit document.domain set.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain.html
deleted file mode 100644
index a903c71..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol-explicit-domain.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<p>This test currently fails because we check the port and protocol even if document.domain is explicitly set (rdar://problem/5366437).</p> 
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    // Explicitly set the domain.
-    document.domain = "127.0.0.1";
-
-    var url = "https://127.0.0.1:9443/security/resources/cross-frame-iframe-with-explicit-domain-set.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Cross frame access to https from http, after explicitly setting document.domain, was denied.";
-    var failMessage = "Fail: Cross frame access to https from http, after explicitly setting document.domain, was allowed.";
-    cannotAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol.html b/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol.html
deleted file mode 100644
index ff09edb..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/cross-frame-access-protocol.html
+++ /dev/null
@@ -1,16 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    var url = "https://127.0.0.1:9443/security/resources/cross-frame-iframe.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Cross frame access to https from http was denied!";
-    var failMessage = "FAIL: Cross frame access to https from http was allowed.";
-    cannotAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/pass-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/pass-expected.txt
deleted file mode 100644
index 1853caa..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/pass-expected.txt
+++ /dev/null
@@ -1 +0,0 @@
-PASS!
diff --git a/webkit/data/layout_tests/pending/http/tests/security/pass.html b/webkit/data/layout_tests/pending/http/tests/security/pass.html
deleted file mode 100644
index 990a7b6..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/pass.html
+++ /dev/null
@@ -1,13 +0,0 @@
-<html>
-<head>
-<script>
-window.onload = function() {
-  if (window.layoutTestController)
-    layoutTestController.dumpAsText();
-};
-</script>
-</head>
-<body>
-PASS!
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive-expected.txt b/webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive-expected.txt
deleted file mode 100644
index 3dc5ec1..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive-expected.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-
-PASS: Protocol name compare is case insensitive!
-
-
---------
-Frame: 'aFrame'
---------
-PASS: Protocol name compare is case insensitive!
-
-Inner iframe.
diff --git a/webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive.html b/webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive.html
deleted file mode 100644
index 1ceaccd..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/protocol-compare-case-insensitive.html
+++ /dev/null
@@ -1,16 +0,0 @@
-<html>
-<head>
-    <script src="resources/cross-frame-access.js"></script>
-</head>
-<body>
-<iframe id="aFrame"></iframe>
-<pre id="console"></pre>
-<script>
-    var url = "HTTP://127.0.0.1:9000/security/resources/cross-frame-iframe.html";
-    var iframeId ="aFrame";
-    var passMessage = "PASS: Protocol name compare is case insensitive!";
-    var failMessage = "FAIL: Protocol name compare is case sensitive, should be case insensitive.";
-    canAccessFrame(url, iframeId, passMessage, failMessage);
-</script>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-access.js b/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-access.js
deleted file mode 100644
index d395d60..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-access.js
+++ /dev/null
@@ -1,134 +0,0 @@
-function log(s)
-{
-    document.getElementById("console").appendChild(document.createTextNode(s + "\n"));
-}
-
-function shouldBe(a, b)
-{
-    var evalA, evalB;
-    try {
-        evalA = eval(a);
-        evalB = eval(b);
-    } catch(e) {
-        evalA = e;
-    }
-
-    var message = (evalA === evalB)
-                    ? "PASS: " + a + " should be '" + evalB + "' and is."
-                    : "*** FAIL: " + a + " should be '" + evalB + "' but instead is " + evalA + ". ***";
-    log(message);
-}
-
-function shouldBeTrue(a) 
-{ 
-    shouldBe(a, "true"); 
-}
-
-function shouldBeFalse(b) 
-{ 
-    shouldBe(b, "false"); 
-}
-
-function canGet(keyPath)
-{
-    try {
-        return eval("window." + keyPath) !== undefined;
-    } catch(e) {
-        return false;
-    }
-}
-
-window.marker = { };
-
-function canSet(keyPath, valuePath)
-{
-    if (valuePath === undefined)
-        valuePath = "window.marker";
-
-    try {
-        eval("window." + keyPath + " = " + valuePath);
-        return eval("window." + keyPath) === eval("window." + valuePath);
-    } catch(e) {
-        return false;
-    }
-}
-
-function canCall(keyPath, argumentString)
-{
-    try {
-        eval("window." + keyPath + "(" + (argumentString === undefined ? "" : "'" + argumentString + "'") + ")");
-        return true;
-    } catch(e) {
-        return false;
-    }
-}
-
-function toString(expression, valueForException)
-{
-    if (valueForException === undefined)
-        valueForException = "[exception]";
-        
-    try {
-        var evalExpression = eval(expression);
-        if (evalExpression === undefined)
-            throw null;
-        return String(evalExpression);
-    } catch(e) {
-        return valueForException;
-    }
-}
-
-// Frame Access Tests
-
-function canAccessFrame(iframeURL, iframeId, passMessage, failMessage) {
-    if (window.layoutTestController) {
-        layoutTestController.dumpAsText();
-        layoutTestController.dumpChildFramesAsText();
-        layoutTestController.waitUntilDone();
-    }
-
-    var targetWindow = frames[0];
-    if (!targetWindow.document.body)
-        log("FAIL: targetWindow started with no document, we won't know if the test passed or failed.");
-
-    function test() {
-        try {
-            if (targetWindow.document.body) {
-                if (targetWindow.document.getElementById('accessMe')) {
-                    targetWindow.document.getElementById('accessMe').innerHTML = passMessage;
-                    log(passMessage);
-                    if (window.layoutTestController)
-                        layoutTestController.notifyDone();
-                    return;
-                }
-            }
-        } catch (e) { }
-
-        log(failMessage);
-        if (window.layoutTestController)
-            layoutTestController.notifyDone();
-    }
-
-    var iframe = document.getElementById(iframeId);
-    iframe.onload = test;
-    iframe.src = iframeURL;
-}
-
-function cannotAccessFrame(iframeURL, iframeId, passMessage, failMessage) {
-    return canAccessFrame(iframeURL, iframeId, failMessage, passMessage);
-}
-
-function closeWindowAndNotifyDone(win)
-{
-    win.close();
-    setTimeout(doneHandler, 1);
-    function doneHandler() {
-        if (win.closed) {
-            if (window.layoutTestController)
-                layoutTestController.notifyDone();
-            return;
-        }
-
-        setTimeout(doneHandler, 1);
-    }
-}
diff --git a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-for-get-test.html b/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-for-get-test.html
deleted file mode 100644
index c0e0e75..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-for-get-test.html
+++ /dev/null
@@ -1,7 +0,0 @@
-<iframe name="testiframe" src="data:text/html,<p>test iframe</p>"></iframe>
-<img name="testimage" src="data:image/jpg,">
-<script>
-window.existingCustomProperty = 1; 
-window.Object.prototype.prototypeCustomProperty = 1;
-window.frames.private = 1;
-</script>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-with-explicit-domain-set.html b/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-with-explicit-domain-set.html
deleted file mode 100644
index 472da1c..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe-with-explicit-domain-set.html
+++ /dev/null
@@ -1,11 +0,0 @@
-<html>
-<head>
-    <script>
-        document.domain = "127.0.0.1";
-    </script>
-</head>
-<body>
-    <p id='accessMe'></p>
-    <p>Inner iframe with explicit document.domain set.</p>
-</body>
-</html>
diff --git a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe.html b/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe.html
deleted file mode 100644
index ceb4ef5..0000000
--- a/webkit/data/layout_tests/pending/http/tests/security/resources/cross-frame-iframe.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<html>
-<head>
-    <script>
-        function fireSentinel()
-        {
-            if (window.layoutTestController)
-                layoutTestController.globalFlag = true;
-        }
-    </script>
-</head>
-<body onload="fireSentinel();">
-    <p id='accessMe'></p>
-    <p>Inner iframe.</p>
-</body>
-</html>
diff --git a/webkit/tools/layout_tests/test_lists/tests_fixable.txt b/webkit/tools/layout_tests/test_lists/tests_fixable.txt
index 0ecd000..71aea73 100644
--- a/webkit/tools/layout_tests/test_lists/tests_fixable.txt
+++ b/webkit/tools/layout_tests/test_lists/tests_fixable.txt
@@ -129,12 +129,6 @@ LayoutTests/fast/repaint/bugzilla-6473.html = PASS FAIL
 // Bug 982608: test had a wrong result for one condition
 LayoutTests/plugins/destroy-stream-twice.html = FAIL TIMEOUT
 
-// Bug 1143337.  Forked to pending/http/tests/security/.
-LINUX WIN : LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain.html = FAIL
-LayoutTests/http/tests/security/cross-frame-access-parent-explicit-domain.html = FAIL
-LayoutTests/http/tests/security/cross-frame-access-protocol-explicit-domain.html = FAIL
-LayoutTests/http/tests/security/cross-frame-access-protocol.html = FAIL
-
 // Bug 1064038.  Image with border="1" drawn without the border.
 LINUX WIN : LayoutTests/fast/forms/image-border.html = FAIL
 
@@ -145,6 +139,15 @@ LINUX WIN : LayoutTests/fast/forms/textarea-scrollbar-height.html = FAIL
 // Other
 // -----------------------------------------------------------------
 
+
+// Bug 5248
+LayoutTests/http/tests/security/cross-frame-access-protocol-explicit-domain.html = FAIL
+LayoutTests/http/tests/security/cross-frame-access-protocol.html = FAIL
+
+// Bug 5247: regressed with the giant WebKit merge?
+LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain.html = FAIL
+LayoutTests/http/tests/security/cross-frame-access-parent-explicit-domain.html = FAIL
+
 // Bug 865472, this should just need proper pixel test rebaselining.
 // Also skipped by Apple on Windows (rdar://5723191).
 LayoutTests/http/tests/navigation/javascriptlink-frames.html = FAIL
@@ -513,8 +516,6 @@ LINUX WIN : LayoutTests/fast/text/zero-width-characters.html = FAIL
 // HTTPS tests fail on the open source buildbot with error "cross-site not access allowed".
 // See bug # 2306
 LayoutTests/http/tests/ssl/verify-ssl-enabled.php = FAIL PASS
-pending/http/tests/security/cross-frame-access-protocol-explicit-domain.html = PASS TIMEOUT
-pending/http/tests/security/cross-frame-access-protocol.html = CRASH PASS TIMEOUT
 
 // V8 doesn't stable sort. This is not required and may never be fixed. It is
 // tracked by: http://code.google.com/p/v8/issues/detail?id=90
@@ -759,8 +760,6 @@ LINUX WIN : LayoutTests/tables/mozilla/bugs/bug43854-1.html = FAIL
 LINUX WIN : LayoutTests/tables/mozilla_expected_failures/bugs/bug14007-2.html = FAIL
 chrome/fast/dom/domListEnumeration.html = FAIL
 chrome/fast/forms/basic-textareas-quirks.html = FAIL
-pending/http/tests/security/cross-frame-access-child-explicit-domain.html = FAIL
-pending/http/tests/security/cross-frame-access-parent-explicit-domain.html = FAIL
 
 // This test seems to fail on the builders but not locally.
 WIN : LayoutTests/fast/css/font-face-multiple-faces.html = FAIL
@@ -1786,7 +1785,6 @@ MAC : LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-docu
 MAC : LayoutTests/http/tests/security/aboutBlank/xss-DENIED-navigate-opener-javascript-url.html = FAIL
 MAC : LayoutTests/http/tests/security/aboutBlank/xss-DENIED-set-opener.html = FAIL
 MAC : LayoutTests/http/tests/security/cross-frame-access-call.html = FAIL TIMEOUT
-MAC : LayoutTests/http/tests/security/cross-frame-access-child-explicit-domain.html = FAIL
 MAC : LayoutTests/http/tests/security/cross-frame-access-custom.html = FAIL
 MAC : LayoutTests/http/tests/security/cross-frame-access-get-override.html = FAIL
 MAC : LayoutTests/http/tests/security/cross-frame-access-get.html = FAIL
-- 
cgit v1.1