Source code

Revision control

Copy as Markdown

Other Tools

Test Info: Warnings

<!DOCTYPE HTML>
<html>
<!--
-->
<head>
<meta charset="utf-8">
<title>Test for Bug 713980</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
<!-- Load a cross-origin webfont without CORS (common pain point) and some
other styles that require anonymous CORS -->
<style>
@font-face {
font-family: "bad_cross_origin_webfont";
}
div#bad_webfont { font-family: "bad_cross_origin_webfont"; }
</style>
</head>
<body>
<pre id="test">
<script class="testbody" type="text/javascript">
SimpleTest.waitForExplicitFinish();
var tests = {
xhr : {
uri_test : "http://invalid",
result : null,
category: "CORSAllowOriginNotMatchingOrigin"
},
font : {
uri_test : "font_bad",
result : null,
category: "CORSMissingAllowOrigin2",
},
shape_outside : {
uri_test : "bad_shape_outside",
result : null,
category: "CORSMissingAllowOrigin2",
ignore_windowID: true,
},
mask_image : {
uri_test : "bad_mask_image",
result : null,
category: "CORSMissingAllowOrigin2",
ignore_windowID: true,
},
}
function testsComplete() {
for (var testName in tests) {
var test = tests[testName];
if (test.result == null) {
info("Still waiting on (at least) " + testName + ".");
return false;
}
}
return true;
}
SpecialPowers.registerConsoleListener(function CORSMsgListener(aMsg) {
if (!/Cross-Origin Request Blocked/.test(aMsg.message))
return;
for (var testName in tests) {
var test = tests[testName];
var category = test.category;
if (test.result != null)
continue;
var testRegexp = new RegExp(test.uri_test);
if (testRegexp.test(aMsg.message)) {
test.result = true;
ok(true, "Got \"Cross-site request blocked\" warning message for " + testName);
ok(aMsg.category == category,
"Got warning message with category \"" + aMsg.category + "\", expected \"" + category + "\"");
// Got the message we wanted - make sure it is destined for a valid inner window
if(!test.ignore_windowID) {
ok(aMsg.windowID != 0, "Valid (non-zero) windowID for the cross-site request blocked message.");
}
break;
}
}
if (testsComplete()) {
SimpleTest.executeSoon(cleanup);
}
});
function cleanup() {
SpecialPowers.postConsoleSentinel();
SimpleTest.finish();
}
// Send a cross-origin XHR request without CORS
var xhr = new XMLHttpRequest();
xhr.send(null);
let badDiv;
// Create a div that triggers a cross-origin webfont request
// We do this in Javascript in order to guarantee the console listener has
// already been registered; otherwise, there could be a race.
badDiv = document.createElement('div');
badDiv.setAttribute('id', 'bad_webfont');
document.body.appendChild(badDiv);
// Create a div that triggers a cross-origin request for a shape-outside image
badDiv = document.createElement('div');
badDiv.setAttribute('id', 'bad_shape_outside');
document.body.appendChild(badDiv);
// Create a div that triggers a cross-origin request for a mask-image
badDiv = document.createElement('div');
badDiv.setAttribute('id', 'bad_mask_image');
document.body.appendChild(badDiv);
</script>
</pre>
</body>
</html>