File: fetch.any.js

package info (click to toggle)
thunderbird 1%3A140.4.0esr-1~deb13u1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 4,609,412 kB
  • sloc: cpp: 7,672,442; javascript: 5,901,613; ansic: 3,898,954; python: 1,413,343; xml: 653,997; asm: 462,286; java: 180,927; sh: 113,489; makefile: 20,460; perl: 14,288; objc: 13,059; yacc: 4,583; pascal: 3,352; lex: 1,720; ruby: 1,222; exp: 762; sql: 715; awk: 580; php: 436; lisp: 430; sed: 70; csh: 10
file content (76 lines) | stat: -rw-r--r-- 4,311 bytes parent folder | download | duplicates (27) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
// META: timeout=long
// META: global=window,dedicatedworker,sharedworker
// META: script=/common/get-host-info.sub.js

const host = get_host_info();
const path = "/fetch/cross-origin-resource-policy/";
const localBaseURL = host.HTTP_ORIGIN + path;
const sameSiteBaseURL = "http://" + host.ORIGINAL_HOST + ":" + host.HTTP_PORT2 + path;
const notSameSiteBaseURL = host.HTTP_NOTSAMESITE_ORIGIN + path;
const httpsBaseURL = host.HTTPS_ORIGIN + path;

promise_test(async () => {
    const response = await fetch("./resources/hello.py?corp=same-origin");
    assert_equals(await response.text(), "hello");
}, "Same-origin fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.");

promise_test(async () => {
    const response = await fetch("./resources/hello.py?corp=same-site");
    assert_equals(await response.text(), "hello");
}, "Same-origin fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.");

promise_test(async (test) => {
    const response = await fetch(notSameSiteBaseURL + "resources/hello.py?corp=same-origin");
    assert_equals(await response.text(), "hello");
}, "Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.");

promise_test(async (test) => {
    const response = await fetch(notSameSiteBaseURL + "resources/hello.py?corp=same-site");
    assert_equals(await response.text(), "hello");
}, "Cross-origin cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.");

promise_test((test) => {
    const remoteURL = notSameSiteBaseURL + "resources/hello.py?corp=same-origin";
    return promise_rejects_js(test, TypeError, fetch(remoteURL, { mode : "no-cors" }));
}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header.");

promise_test((test) => {
    const remoteURL = notSameSiteBaseURL + "resources/hello.py?corp=same-site";
    return promise_rejects_js(test, TypeError, fetch(remoteURL, { mode: "no-cors" }));
}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.");

promise_test((test) => {
    const remoteURL = httpsBaseURL + "resources/hello.py?corp=same-site";
    return promise_rejects_js(test, TypeError, fetch(remoteURL, { mode: "no-cors" }));
}, "Cross-scheme (HTTP to HTTPS) no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-site' response header.");

promise_test((test) => {
    const remoteURL = httpsBaseURL + "resources/hello.py?corp=same-origin";
    return promise_rejects_js(test, TypeError, fetch(remoteURL, { mode : "no-cors" }));
}, "Cross-origin no-cors fetch to a same-site URL with a 'Cross-Origin-Resource-Policy: same-origin' response header.");

promise_test(async (test) => {
    const remoteSameSiteURL = sameSiteBaseURL + "resources/hello.py?corp=same-site";

    await fetch(remoteSameSiteURL, { mode: "no-cors" });

    return promise_rejects_js(test, TypeError, fetch(sameSiteBaseURL + "resources/hello.py?corp=same-origin", { mode: "no-cors" }));
}, "Valid cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-site' response header.");

promise_test((test) => {
    const finalURL = notSameSiteBaseURL + "resources/hello.py?corp=same-origin";
    return promise_rejects_js(test, TypeError, fetch("resources/redirect.py?redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" }));
}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a redirection.");

promise_test((test) => {
    const finalURL = localBaseURL + "resources/hello.py?corp=same-origin";
    return fetch(notSameSiteBaseURL + "resources/redirect.py?redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" });
}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' response header after a cross-origin redirection.");

promise_test(async (test) => {
    const finalURL = localBaseURL + "resources/hello.py?corp=same-origin";

    await fetch(finalURL, { mode: "no-cors" });

    return promise_rejects_js(test, TypeError, fetch(notSameSiteBaseURL + "resources/redirect.py?corp=same-origin&redirectTo=" + encodeURIComponent(finalURL), { mode: "no-cors" }));
}, "Cross-origin no-cors fetch with a 'Cross-Origin-Resource-Policy: same-origin' redirect response header.");