Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: http3 OR http2
- Manifest: dom/security/test/cors/mochitest.toml
<!DOCTYPE HTML>
<html>
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<title>Test for Cross Site XMLHttpRequest</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<p id="display">
<iframe id=loader></iframe>
</p>
<div id="content" style="display: none">
</div>
<pre id="test">
<script class="testbody" type="application/javascript">
SimpleTest.waitForExplicitFinish();
SimpleTest.requestLongerTimeout(2);
var origins =
},
},
},
},
{ server: 'http://\u03c0\u03b1\u03c1\u03ac\u03b4\u03b5\u03b9\u03b3\u03bc\u03b1.\u03b4\u03bf\u03ba\u03b9\u03bc\u03ae',
},
{ origin: 'null',
},
];
function initTest() {
// Allow all cookies, then do the actual test initialization
SpecialPowers.pushPrefEnv({
"set": [
// Some of this test relies on redirecting to data: URLs from http.
["network.allow_redirect_to_data", true],
]
}).then(initTestCallback);
}
function initTestCallback() {
window.addEventListener("message", function(e) {
gen.next(e.data);
});
gen = runTest();
gen.next();
}
function* runTest() {
var loader = document.getElementById('loader');
var loaderWindow = loader.contentWindow;
loader.onload = function () { gen.next() };
// Test preflight-less requests
basePath = "/tests/dom/security/test/cors/file_CrossSiteXHR_server.sjs?"
for (originEntry of origins) {
origin = originEntry.origin || originEntry.server;
loader.src = originEntry.file ||
(originEntry.server + "/tests/dom/security/test/cors/file_CrossSiteXHR_inner.html");
yield undefined;
var isNullOrigin = origin == "null";
port = /:\d+/;
passTests = [
origin,
"*",
" \t " + origin + "\t \t",
"\t \t* \t ",
];
failTests = [
"",
" ",
port.test(origin) ? origin.replace(port, "")
: origin + ":1234",
port.test(origin) ? origin.replace(port, ":")
: origin + ":",
origin + ".",
origin + "/",
origin + "#",
origin + "?",
origin + "\\",
origin + "%",
origin + "@",
origin + "/hello",
"foo:bar@" + origin,
"* " + origin,
origin + " " + origin,
"allow <" + origin + ">",
"<" + origin + ">",
"<*>",
origin.substr(0, 5) == "https" ? origin.replace("https", "http")
: origin.replace("http", "https"),
origin.replace("://", "://www."),
origin.replace("://", ":// "),
origin.replace(/\/[^.]+\./, "/"),
];
if (isNullOrigin) {
passTests = ["*", "\t \t* \t ", "null"];
failTests = failTests.filter(function(v) { return v != origin });
}
for (allowOrigin of passTests) {
req = {
url: baseURL +
"allowOrigin=" + escape(allowOrigin) +
"&origin=" + escape(origin),
method: "GET",
};
loaderWindow.postMessage(JSON.stringify(req), isNullOrigin ? "*" : origin);
res = JSON.parse(yield);
is(res.didFail, false, "shouldn't have failed for " + allowOrigin);
is(res.status, 200, "wrong status for " + allowOrigin);
is(res.statusText, "OK", "wrong status text for " + allowOrigin);
is(res.responseXML,
"<res>hello pass</res>",
"wrong responseXML in test for " + allowOrigin);
is(res.responseText, "<res>hello pass</res>\n",
"wrong responseText in test for " + allowOrigin);
is(res.events.join(","),
"opening,rs1,sending,loadstart,rs2,rs3,rs4,load,loadend",
"wrong responseText in test for " + allowOrigin);
}
for (allowOrigin of failTests) {
req = {
url: baseURL + "allowOrigin=" + escape(allowOrigin),
method: "GET",
};
loaderWindow.postMessage(JSON.stringify(req), isNullOrigin ? "*" : origin);
res = JSON.parse(yield);
is(res.didFail, true, "should have failed for " + allowOrigin);
is(res.responseText, "", "should have no text for " + allowOrigin);
is(res.status, 0, "should have no status for " + allowOrigin);
is(res.statusText, "", "wrong status text for " + allowOrigin);
is(res.responseXML, null, "should have no XML for " + allowOrigin);
is(res.events.join(","),
"opening,rs1,sending,loadstart,rs4,error,loadend",
"wrong events in test for " + allowOrigin);
is(res.progressEvents, 0,
"wrong events in test for " + allowOrigin);
}
}
SimpleTest.finish();
}
addLoadEvent(initTest);
</script>
</pre>
</body>
</html>