File: access-control-and-redirects.htm

package info (click to toggle)
firefox-esr 68.10.0esr-1~deb9u1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 3,143,932 kB
  • sloc: cpp: 5,227,879; javascript: 4,315,531; ansic: 2,467,042; python: 794,975; java: 349,993; asm: 232,034; xml: 228,320; sh: 82,008; lisp: 41,202; makefile: 22,347; perl: 15,555; objc: 5,277; cs: 4,725; yacc: 1,778; ada: 1,681; pascal: 1,673; lex: 1,417; exp: 527; php: 436; ruby: 225; awk: 162; sed: 53; csh: 44
file content (60 lines) | stat: -rw-r--r-- 2,560 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
<!DOCTYPE html>
<html>
  <head>
    <title>Tests that redirects between origins are allowed when access control is involved.</title>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <script src="/common/get-host-info.sub.js"></script>
  </head>
  <body>
    <script>
    function runSync(test, url)
    {
      const xhr = new XMLHttpRequest();
      xhr.open("GET", url, false);
      xhr.send();
      assert_equals(xhr.responseText, "PASS: Cross-domain access allowed.");
      test.done();
    }
    function runAsync(test, url)
    {
      const xhr = new XMLHttpRequest();
      xhr.open("GET", url, true);
      xhr.onload = test.step_func_done(function() {
        assert_equals(xhr.responseText, "PASS: Cross-domain access allowed.");
      });
      xhr.onerror = test.unreached_func("Network error");
      xhr.send();
      test.done();
    }
    test(t => {
      runSync(t, "resources/redirect-cors.py?location=" + get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/access-control-basic-allow.py")
    }, "Local sync redirect to remote origin");
    async_test(t => {
      runAsync(t, "resources/redirect-cors.py?location=" + get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/access-control-basic-allow.py")
    }, "Local async redirect to remote origin");
    test(t => {
      runSync(t, get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/redirect-cors.py?location=" + get_host_info().HTTP_ORIGIN +
          "/xhr/resources/access-control-basic-allow.py&allow_origin=true")
    }, "Remote sync redirect to local origin");
    async_test(t => {
      runAsync(t, get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/redirect-cors.py?location=" + get_host_info().HTTP_ORIGIN +
          "/xhr/resources/access-control-basic-allow.py&allow_origin=true")
    }, "Remote async redirect to local origin");
    test(t => {
      runSync(t, get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/redirect-cors.py?location=" + get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/access-control-basic-allow.py&allow_origin=true")
    }, "Remote sync redirect to same remote origin");
    async_test(t => {
      runAsync(t, get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/redirect-cors.py?location=" + get_host_info().HTTP_REMOTE_ORIGIN +
          "/xhr/resources/access-control-basic-allow.py&allow_origin=true")
    }, "Remote async redirect to same remote origin");
    </script>
  </body>
</html>