Bug 1260515. Start allowing sync XHR with credentials in window scopes again, since no one except for us bothered to implement the spec. r=smaug

This commit is contained in:
Boris Zbarsky 2016-05-04 20:41:32 -04:00
parent b7c851c9c2
commit 6205a2679f
5 changed files with 9 additions and 33 deletions

View File

@ -1508,15 +1508,11 @@ nsXMLHttpRequest::Open(const nsACString& inMethod, const nsACString& url,
return rv;
}
// sync request is not allowed using withCredential or responseType
// sync request is not allowed to use responseType or timeout
// in window context
if (!async && HasOrHasHadOwner() &&
(mState & XML_HTTP_REQUEST_AC_WITH_CREDENTIALS ||
mTimeoutMilliseconds ||
(mTimeoutMilliseconds ||
mResponseType != XML_HTTP_RESPONSE_TYPE_DEFAULT)) {
if (mState & XML_HTTP_REQUEST_AC_WITH_CREDENTIALS) {
LogMessage("WithCredentialsSyncXHRWarning", GetOwner());
}
if (mTimeoutMilliseconds) {
LogMessage("TimeoutSyncXHRWarning", GetOwner());
}
@ -3205,14 +3201,6 @@ nsXMLHttpRequest::SetWithCredentials(bool aWithCredentials, ErrorResult& aRv)
return;
}
// sync request is not allowed setting withCredentials in window context
if (HasOrHasHadOwner() &&
!(mState & (XML_HTTP_REQUEST_UNSENT | XML_HTTP_REQUEST_ASYNC))) {
LogMessage("WithCredentialsSyncXHRWarning", GetOwner());
aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR);
return;
}
if (aWithCredentials) {
mState |= XML_HTTP_REQUEST_AC_WITH_CREDENTIALS;
} else {

View File

@ -18,15 +18,11 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=814050
<pre id="test">
<script type="application/javascript">
/** Test for Bug 814050 **/
/** Test for Bug 814050, but modified now that the spec has changed **/
var xhr = new XMLHttpRequest();
xhr.open("GET", "", false);
try {
xhr.withCredentials = true;
ok(false, "Should throw on withCredentials sets for sync XHR");
} catch (e) {
ok(true, "Should throw on withCredentials sets for sync XHR");
}
xhr.withCredentials = true;
ok(true, "Should not throw on withCredentials sets for sync XHR");
var xhr = new XMLHttpRequest();
xhr.open("GET", "", true);

View File

@ -79,7 +79,6 @@ FocusedWindowedPluginWhileFullscreen=Exited fullscreen because windowed plugin w
HTMLSyncXHRWarning=HTML parsing in XMLHttpRequest is not supported in the synchronous mode.
InvalidRedirectChannelWarning=Unable to redirect to %S because the channel doesnt implement nsIWritablePropertyBag2.
ResponseTypeSyncXHRWarning=Use of XMLHttpRequests responseType attribute is no longer supported in the synchronous mode in window context.
WithCredentialsSyncXHRWarning=Use of XMLHttpRequests withCredentials attribute is no longer supported in the synchronous mode in window context.
TimeoutSyncXHRWarning=Use of XMLHttpRequests timeout attribute is not supported in the synchronous mode in window context.
JSONCharsetWarning=An attempt was made to declare a non-UTF-8 encoding for JSON retrieved using XMLHttpRequest. Only UTF-8 is supported for decoding JSON.
# LOCALIZATION NOTE: Do not translate AudioBufferSourceNode

View File

@ -16,15 +16,8 @@ function test_withCredentials(worker) {
test(function() {
var client = new XMLHttpRequest()
client.open("GET", "resources/delay.py?ms=1000", false)
if (worker) {
client.withCredentials = true
assert_true(client.withCredentials, "set in OPEN state")
} else {
assert_throws("InvalidAccessError", function() {
client.withCredentials = true
})
assert_false(client.withCredentials, "set in OPEN state")
}
client.withCredentials = true
assert_true(client.withCredentials, "set in OPEN state")
}, "setting on synchronous XHR")
async_test(function() {

View File

@ -20,8 +20,8 @@ var url = CROSSDOMAIN + 'resources/cors-cookie.py?ident='
test(function () {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN, false)
assert_throws(null, function() { client.withCredentials = true; }, 'setting withCredentials')
}, 'Setting withCredentials on a sync XHR object should throw')
client.withCredentials = true;
}, 'Setting withCredentials on a sync XHR object should not throw')
async_test(function () {
var id = new Date().getTime() + '_1',