-
Notifications
You must be signed in to change notification settings - Fork 24
/
index.html
139 lines (125 loc) · 7.64 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
<html>
<head>
<title>Trickuri test cases</title>
</head>
<style>
body {
font-family: Arial,sans-serif;
font-size: 13px;
}
</style>
<body>
<h1>Welcome to Trickuri!</h1>
<p>
Trickuri has two types of test cases: tricky URLs and web feature
tests. The web feature tests can be loaded under each of the tricky URLs
to test how each web feature displays the tricky URL.
</p>
<h2>Tricky URLs</h2>
<p>
Load these URLs in a web browser to test how the browser's main URL
display handles them.
</p>
<h3>Simple</h3>
<ul>
<li><a href="https://example.test">Baseline case (example.test) (https)</a></li>
<li><a href="http://example.test">Baseline case (example.test) (http)</a></li>
<li><a href="https://evil.test">Evil.test, for testing paths do not cause the evil.test origin to be hidden</a></li>
<li><a href="https://user:[email protected]">URL with username and password</a></li>
<li><a href="https://example.test:8080">URL with non-default port</a></li>
<li><a href="http://127.0.0.1">URL with IPv4 literal hostname</a></li>
<li><a href="http://[::1]">URL with IPv6 literal hostname</a></li>
<li><a href="data:,Hello">data: URL</a> (copy and paste URL in Chrome, which disallows top-level navigations to data: URLs)</a></li>
<li><a href="ftp://example.test">ftp:// URL</a></li>
</ul>
<h3>IDNs and homoglyphs</h3>
<h4>RTL</h4>
<ul>
<li><a href="https://مثال.com">RTL url with LTR tld (https)</a></li>
<li><a href="https://مثال.إختبار">RTL url with RTL tld (https)</a></li>
<li><a href="https://example.إختبار">LTR url with RTL tld (https)</a></li>
<li><a href="http://مثال.com">RTL url with LTR tld (http)</a></li>
<li><a href="http://مثال.إختبار">RTL url with RTL tld (http)</a></li>
<li><a href="http://example.إختبار">LTR url with RTL tld (http)</a></li>
</ul>
<h4>Homoglyphs</h4>
<ul>
<li><a href="https://еxample.test">URL uses Cyrillic е instead of e</a></li>
<li><a href="https://еxӑmple.test">URL uses Cyrillic ӑ instead of a</a></li>
<li><a href="https://а.example.test">URL uses Cyrillic а in its own label</a></li>
<li><a href="https://ӑ.example.test">URL uses Cyrillic ӑ in its own label</a></li>
<li><a href="https://examp1e.test">URL uses number one instead of l</a></li>
<li><a href="https://bankofthevvest.com">URL uses "vv" instead of "w"</a></li>
<li><a href="https://go0gle.com">URL uses "0" instead of "o"</a></li>
<li><a href="https://aO12.com">URL with a single letter and numbers uses "O" instead of "0"</a></li>
<li><a href="https://a0l2.com">URL with a single letter and numbers uses "l" instead of "1"</a></li>
<li><a href="https://а012.com">URL with a single letter and numbers uses Cyrillic а instead of Latin a</a></li>
<li><a href="https://α012.com">URL with a single letter and numbers uses Greek α instead of Latin a</a></li>
<li><a href="https://аррӏе.com">URL with entire domain name "аррӏе" as all Cyrillic characters</a></li>
</ul>
<h3>Unusual characters</h3>
<ul>
<li><a href="https://example.test/space-path-test ">URL with non-breaking space in path (U+202F)</a></li>
<li><a href="https://example.test/?space-path-test= ">URL with non-breaking space in query (U+202F)</a></li>
<li><a href="https://example.test/#space-path-test ">URL with non-breaking space in fragment (U+202F)</a></li>
<li><a href="https://xn--https-5w14d.com">URL with a lock emoji in the domain</a></li>
<li><a href="https://xn--banana-ox34e.com">URL with a banana emoji in the domain</a></li>
<li><a href="https://🍌.example.com">URL with an emoji in its own label</a></li>
<li><a href="https://banana.🍌">URL with an emoji in its TLD</a></li>
<li><a href="https://example.com/🔒">URL with a lock emoji in the path</a></li>
<li><a href="https://example.com/🍌">URL with a banana emoji in the path</a></li>
<li><a href="https://example.com/?foo=🔒">URL with a lock emoji in the query</a></li>
<li><a href="https://example.com/?foo=🍌">URL with a banana emoji in the query</a></li>
<li><a href="https://example.com/foo#🔒">URL with a lock emoji in the fragment</a></li>
<li><a href="https://example.com/foo#🍌">URL with a banana emoji in the fragment</a></li>
<li><a href="https://example.com/foo bar">URL with spaces in the path</a></li>
<li><a href="https://example.com/?foo= bar">URL with spaces in the query</a></li>
<li><a href="https://example.com/#foo bar">URL with spaces in the fragment</a></li>
</ul>
<h3>Long URLs</h3>
<ul>
<li><a href="https://extremelylongurlmeanttotriggerelisionendinginadifferenturlextremelylongurlmeanttotriggerelisionendinginadifferenturlextremelylongurlmeanttotriggerelisionendinginadifferenturlexample.test">Extremely long URL to trigger elision, ending in an url that looks similar to example.test</a></li>
<li><a href="https://example.test----extremelylongurlmeanttotriggerelisionendinginadifferenturlextremelylongurlmeanttotriggerelisionendinginadifferenturlextremelylongurlmeanttotriggerelisionendinginadifferenturl.test">Extremely long URL to trigger elision, starting with a url that looks similar to example.test</a></li>
<li><a href="verylongpathverylongpathverylongpathverylongpathverylongpathverylongpathexample.test">A very long path ending in example.test</a></li>
<li><a href="?verylongpathverylongpathverylongpathverylongpathverylongpathverylongpathexample.test">A very long query ending in example.test</a></li>
<li><a href="#verylongpathverylongpathverylongpathverylongpathverylongpathverylongpathexample.test">A very long fragment ending in example.test</a></li>
<li><a href="https://example.example.example.example.example.example.example.example.example.example.example.test">URL with many subdomains</a></li>
</ul>
<h3>Short URLs</h3>
<ul>
<li><a href="https://a.com">Very short URL</a></li>
<li><a href="https://а.com">Very short URL that uses a Cyrillic a</a></li>
<li><a href="https://1.com">Very short URL that uses a number</a></li>
<li><a href="https://_.com">Very short URL that uses an underscore</a></li>
</ul>
<h2>Web feature tests</h2>
<p>
These tests exercise individual web platform features to test how they
display URLs. After loading one of the tricky URLs above, exercise these
web feature tests to observe how the individual features display the
tricky URL.
</p>
<h3>JavaScript dialogs</h3>
<ul>
<li><a href="/web-feature-tests/alert_test.html">alert</a></li>
<li><a href="/web-feature-tests/confirm_test.html">confirm</a></li>
<li><a href="/web-feature-tests/prompt_test.html">prompt</a></li>
</ul>
<h3>Permissions and permission-gated features</h3>
<ul>
<li><a href="/web-feature-tests/permissions_test.html">Permission prompt</a></li>
<li><a href="/web-feature-tests/notification.html">Notifications</a></li>
<li><a href="/web-feature-tests/webusb.html">WebUSB</a></li>
<li><a href="/web-feature-tests/webbluetooth.html">WebBluetooth</a></li>
</ul>
<h3>Authentication</h3>
<ul>
<li><a href="/web-feature-tests/http-auth/index.html">HTTP Auth</a></li>
<li><a href="/web-feature-tests/webauthn_test.html">WebAuthn</a></li>
</ul>
<h3>External protocol handlers</h3>
<ul>
<li><a href="/web-feature-tests/external_protocol_handler_test.html">External protocol handler</a></li>
</ul>
</body>
</html>