File: request-headers.htm

package info (click to toggle)
firefox-esr 68.10.0esr-1~deb9u1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 3,143,932 kB
  • sloc: cpp: 5,227,879; javascript: 4,315,531; ansic: 2,467,042; python: 794,975; java: 349,993; asm: 232,034; xml: 228,320; sh: 82,008; lisp: 41,202; makefile: 22,347; perl: 15,555; objc: 5,277; cs: 4,725; yacc: 1,778; ada: 1,681; pascal: 1,673; lex: 1,417; exp: 527; php: 436; ruby: 225; awk: 162; sed: 53; csh: 44
file content (80 lines) | stat: -rw-r--r-- 2,912 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
 
<!DOCTYPE html>
<meta charset=utf-8>
<title>CORS - request headers - Access-Control-Allow-Headers</title>
<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">

<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=support.js?pipe=sub></script>

<h1>Request headers</h1>
<div id=log></div>
<script>

/*
 * Request Headers
 */

test(function() {
    var client = new XMLHttpRequest()
    client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
    client.setRequestHeader('x-print', 'unicorn')
    client.send(null)

    res = JSON.parse(client.response)
    assert_equals(res['x-print'], 'unicorn')
}, 'basic request header')

test(function() {
    var client = new XMLHttpRequest()
    client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print,', false)
    client.setRequestHeader('x-print', 'unicorn')
    client.setRequestHeader('content-type', 'text/plain')
    client.setRequestHeader('accept', 'test')
    client.setRequestHeader('accept-language', 'nn')
    client.setRequestHeader('content-language', 'nn')
    client.send(null)

    res = JSON.parse(client.response)
    assert_equals(res['x-print'], 'unicorn')
    assert_equals(res['content-type'], 'text/plain')
    assert_equals(res['accept'], 'test')
    assert_equals(res['accept-language'], 'nn')
    assert_equals(res['content-language'], 'nn')
}, 'Simple request headers need not be in allow-headers')

test(function() {
    var client = new XMLHttpRequest()
    client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
    client.setRequestHeader('x-print', 'unicorn')
    client.setRequestHeader('y-print', 'unicorn')
    assert_throws("NetworkError", function() { client.send(null) })
}, 'Unspecified request headers are disallowed')

test(function() {
    var client = new XMLHttpRequest()
    client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=,y-lol,x-PriNT,%20,,,Y-PRINT', false)
    client.setRequestHeader('x-print', 'unicorn')
    client.setRequestHeader('y-print', 'narwhal')
    client.send(null)

    res = JSON.parse(client.response)
    assert_equals(res['x-print'], 'unicorn')
    assert_equals(res['y-print'], 'narwhal')
}, 'Strange allowheaders (case insensitive)')

test(function() {
    var client = new XMLHttpRequest()
    assert_throws('INVALID_STATE_ERR', function() { client.setRequestHeader('x-print', 'unicorn') })
},
'INVALID_STATE_ERR on setRequestHeader before open()')

test(function() {
    var client = new XMLHttpRequest()
    client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=,y-lol,x-PriNT,%20,,,Y-PRINT', false)
    client.send()
    assert_throws('INVALID_STATE_ERR', function() { client.setRequestHeader('x-print', 'unicorn') })
},
'INVALID_STATE_ERR on setRequestHeader after send()')

</script>