1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
<!DOCTYPE html>
<meta charset=utf-8>
<title>CORS and Client Hints</title>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=support.js?pipe=sub></script>
<h1>Request headers</h1>
<div id=log></div>
<script>
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('x-print', 'unicorn')
client.setRequestHeader('y-print', 'unicorn')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Unspecified request headers are disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('device-memory', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Unextractable device-memory client hint header is disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('dpr', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Unextractable DPR client hint header is disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('width', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Unextractable width client hint header is disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('viewport-width', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Unextractable viewport-width client hint header is disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('rtt', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('rtt', '-1')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Test invalid rtt value is disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('downlink', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('downlink', '-1.0')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Test invalid downlink value is disallowed')
test(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('ect', '')
assert_throws_dom("NetworkError", function() { client.send(null) })
client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false)
client.setRequestHeader('ect', '6g')
assert_throws_dom("NetworkError", function() { client.send(null) })
}, 'Test invalid ect value is disallowed')
</script>
|
