mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 21:31:04 +00:00
Bug 1260515. Start allowing sync XHR with credentials in window scopes again, since no one except for us bothered to implement the spec. r=smaug
This commit is contained in:
parent
b7c851c9c2
commit
6205a2679f
@ -1508,15 +1508,11 @@ nsXMLHttpRequest::Open(const nsACString& inMethod, const nsACString& url,
|
||||
return rv;
|
||||
}
|
||||
|
||||
// sync request is not allowed using withCredential or responseType
|
||||
// sync request is not allowed to use responseType or timeout
|
||||
// in window context
|
||||
if (!async && HasOrHasHadOwner() &&
|
||||
(mState & XML_HTTP_REQUEST_AC_WITH_CREDENTIALS ||
|
||||
mTimeoutMilliseconds ||
|
||||
(mTimeoutMilliseconds ||
|
||||
mResponseType != XML_HTTP_RESPONSE_TYPE_DEFAULT)) {
|
||||
if (mState & XML_HTTP_REQUEST_AC_WITH_CREDENTIALS) {
|
||||
LogMessage("WithCredentialsSyncXHRWarning", GetOwner());
|
||||
}
|
||||
if (mTimeoutMilliseconds) {
|
||||
LogMessage("TimeoutSyncXHRWarning", GetOwner());
|
||||
}
|
||||
@ -3205,14 +3201,6 @@ nsXMLHttpRequest::SetWithCredentials(bool aWithCredentials, ErrorResult& aRv)
|
||||
return;
|
||||
}
|
||||
|
||||
// sync request is not allowed setting withCredentials in window context
|
||||
if (HasOrHasHadOwner() &&
|
||||
!(mState & (XML_HTTP_REQUEST_UNSENT | XML_HTTP_REQUEST_ASYNC))) {
|
||||
LogMessage("WithCredentialsSyncXHRWarning", GetOwner());
|
||||
aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR);
|
||||
return;
|
||||
}
|
||||
|
||||
if (aWithCredentials) {
|
||||
mState |= XML_HTTP_REQUEST_AC_WITH_CREDENTIALS;
|
||||
} else {
|
||||
|
@ -18,15 +18,11 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=814050
|
||||
<pre id="test">
|
||||
<script type="application/javascript">
|
||||
|
||||
/** Test for Bug 814050 **/
|
||||
/** Test for Bug 814050, but modified now that the spec has changed **/
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open("GET", "", false);
|
||||
try {
|
||||
xhr.withCredentials = true;
|
||||
ok(false, "Should throw on withCredentials sets for sync XHR");
|
||||
} catch (e) {
|
||||
ok(true, "Should throw on withCredentials sets for sync XHR");
|
||||
}
|
||||
xhr.withCredentials = true;
|
||||
ok(true, "Should not throw on withCredentials sets for sync XHR");
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open("GET", "", true);
|
||||
|
@ -79,7 +79,6 @@ FocusedWindowedPluginWhileFullscreen=Exited fullscreen because windowed plugin w
|
||||
HTMLSyncXHRWarning=HTML parsing in XMLHttpRequest is not supported in the synchronous mode.
|
||||
InvalidRedirectChannelWarning=Unable to redirect to %S because the channel doesn’t implement nsIWritablePropertyBag2.
|
||||
ResponseTypeSyncXHRWarning=Use of XMLHttpRequest’s responseType attribute is no longer supported in the synchronous mode in window context.
|
||||
WithCredentialsSyncXHRWarning=Use of XMLHttpRequest’s withCredentials attribute is no longer supported in the synchronous mode in window context.
|
||||
TimeoutSyncXHRWarning=Use of XMLHttpRequest’s timeout attribute is not supported in the synchronous mode in window context.
|
||||
JSONCharsetWarning=An attempt was made to declare a non-UTF-8 encoding for JSON retrieved using XMLHttpRequest. Only UTF-8 is supported for decoding JSON.
|
||||
# LOCALIZATION NOTE: Do not translate AudioBufferSourceNode
|
||||
|
@ -16,15 +16,8 @@ function test_withCredentials(worker) {
|
||||
test(function() {
|
||||
var client = new XMLHttpRequest()
|
||||
client.open("GET", "resources/delay.py?ms=1000", false)
|
||||
if (worker) {
|
||||
client.withCredentials = true
|
||||
assert_true(client.withCredentials, "set in OPEN state")
|
||||
} else {
|
||||
assert_throws("InvalidAccessError", function() {
|
||||
client.withCredentials = true
|
||||
})
|
||||
assert_false(client.withCredentials, "set in OPEN state")
|
||||
}
|
||||
client.withCredentials = true
|
||||
assert_true(client.withCredentials, "set in OPEN state")
|
||||
}, "setting on synchronous XHR")
|
||||
|
||||
async_test(function() {
|
||||
|
@ -20,8 +20,8 @@ var url = CROSSDOMAIN + 'resources/cors-cookie.py?ident='
|
||||
test(function () {
|
||||
var client = new XMLHttpRequest()
|
||||
client.open('GET', CROSSDOMAIN, false)
|
||||
assert_throws(null, function() { client.withCredentials = true; }, 'setting withCredentials')
|
||||
}, 'Setting withCredentials on a sync XHR object should throw')
|
||||
client.withCredentials = true;
|
||||
}, 'Setting withCredentials on a sync XHR object should not throw')
|
||||
|
||||
async_test(function () {
|
||||
var id = new Date().getTime() + '_1',
|
||||
|
Loading…
Reference in New Issue
Block a user