mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-30 05:35:31 +00:00
169 lines
5.2 KiB
HTML
169 lines
5.2 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<head>
|
|
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
|
|
<title>Test for Cross Site XMLHttpRequest</title>
|
|
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
|
</head>
|
|
<body onload="gen.next()">
|
|
<p id="display">
|
|
<iframe id=loader></iframe>
|
|
</p>
|
|
<div id="content" style="display: none">
|
|
|
|
</div>
|
|
<pre id="test">
|
|
<script class="testbody" type="application/javascript;version=1.8">
|
|
|
|
SimpleTest.waitForExplicitFinish();
|
|
|
|
var origins =
|
|
[{ server: 'http://example.org' },
|
|
{ server: 'http://example.org:80',
|
|
origin: 'http://example.org'
|
|
},
|
|
{ server: 'http://sub1.test1.example.org' },
|
|
{ server: 'http://test2.example.org:8000' },
|
|
{ server: 'http://sub1.\xe4lt.example.org:8000',
|
|
origin: 'http://sub1.xn--lt-uia.example.org:8000'
|
|
},
|
|
{ server: 'http://sub2.\xe4lt.example.org',
|
|
origin: 'http://sub2.xn--lt-uia.example.org'
|
|
},
|
|
{ server: 'http://ex\xe4mple.test',
|
|
origin: 'http://xn--exmple-cua.test'
|
|
},
|
|
{ server: 'http://xn--exmple-cua.test' },
|
|
{ server: 'http://\u03c0\u03b1\u03c1\u03ac\u03b4\u03b5\u03b9\u03b3\u03bc\u03b1.\u03b4\u03bf\u03ba\u03b9\u03bc\u03ae',
|
|
origin: 'http://xn--hxajbheg2az3al.xn--jxalpdlp'
|
|
},
|
|
{ origin: 'http://example.org',
|
|
file: 'jar:http://example.org/tests/content/base/test/file_CrossSiteXHR_inner.jar!/file_CrossSiteXHR_inner.html'
|
|
},
|
|
{ origin: 'null',
|
|
file: 'http://example.org/tests/content/base/test/file_CrossSiteXHR_inner_data.sjs'
|
|
},
|
|
];
|
|
|
|
//['https://example.com:443'],
|
|
//['https://sub1.test1.example.com:443'],
|
|
|
|
window.addEventListener("message", function(e) {
|
|
gen.send(e.data);
|
|
}, false);
|
|
|
|
gen = runTest();
|
|
|
|
function runTest() {
|
|
var loader = document.getElementById('loader');
|
|
var loaderWindow = loader.contentWindow;
|
|
loader.onload = function () { gen.next() };
|
|
|
|
// Test preflight-less requests
|
|
basePath = "/tests/content/base/test/file_CrossSiteXHR_server.sjs?"
|
|
baseURL = "http://mochi.test:8888" + basePath;
|
|
|
|
for (originEntry of origins) {
|
|
origin = originEntry.origin || originEntry.server;
|
|
|
|
loader.src = originEntry.file ||
|
|
(originEntry.server + "/tests/content/base/test/file_CrossSiteXHR_inner.html");
|
|
yield undefined;
|
|
|
|
var isNullOrigin = origin == "null";
|
|
|
|
port = /:\d+/;
|
|
passTests = [
|
|
origin,
|
|
"*",
|
|
" \t " + origin + "\t \t",
|
|
"\t \t* \t ",
|
|
];
|
|
failTests = [
|
|
"",
|
|
" ",
|
|
port.test(origin) ? origin.replace(port, "")
|
|
: origin + ":1234",
|
|
port.test(origin) ? origin.replace(port, ":")
|
|
: origin + ":",
|
|
origin + ".",
|
|
origin + "/",
|
|
origin + "#",
|
|
origin + "?",
|
|
origin + "\\",
|
|
origin + "%",
|
|
origin + "@",
|
|
origin + "/hello",
|
|
"foo:bar@" + origin,
|
|
"* " + origin,
|
|
origin + " " + origin,
|
|
"allow <" + origin + ">",
|
|
"<" + origin + ">",
|
|
"<*>",
|
|
origin.substr(0, 5) == "https" ? origin.replace("https", "http")
|
|
: origin.replace("http", "https"),
|
|
origin.replace("://", "://www."),
|
|
origin.replace("://", ":// "),
|
|
origin.replace(/\/[^.]+\./, "/"),
|
|
];
|
|
|
|
if (isNullOrigin) {
|
|
passTests = ["*", "\t \t* \t ", "null"];
|
|
failTests = failTests.filter(function(v) { return v != origin });
|
|
}
|
|
|
|
for (allowOrigin of passTests) {
|
|
req = {
|
|
url: baseURL +
|
|
"allowOrigin=" + escape(allowOrigin) +
|
|
"&origin=" + escape(origin),
|
|
method: "GET",
|
|
};
|
|
loaderWindow.postMessage(req.toSource(), isNullOrigin ? "*" : origin);
|
|
|
|
res = eval(yield);
|
|
is(res.didFail, false, "shouldn't have failed for " + allowOrigin);
|
|
is(res.status, 200, "wrong status for " + allowOrigin);
|
|
is(res.statusText, "OK", "wrong status text for " + allowOrigin);
|
|
is(res.responseXML,
|
|
"<res>hello pass</res>",
|
|
"wrong responseXML in test for " + allowOrigin);
|
|
is(res.responseText, "<res>hello pass</res>\n",
|
|
"wrong responseText in test for " + allowOrigin);
|
|
is(res.events.join(","),
|
|
"opening,rs1,sending,loadstart,rs2,rs3,rs4,load,loadend",
|
|
"wrong responseText in test for " + allowOrigin);
|
|
}
|
|
|
|
for (allowOrigin of failTests) {
|
|
req = {
|
|
url: baseURL + "allowOrigin=" + escape(allowOrigin),
|
|
method: "GET",
|
|
};
|
|
loaderWindow.postMessage(req.toSource(), isNullOrigin ? "*" : origin);
|
|
|
|
res = eval(yield);
|
|
is(res.didFail, true, "should have failed for " + allowOrigin);
|
|
is(res.responseText, "", "should have no text for " + allowOrigin);
|
|
is(res.status, 0, "should have no status for " + allowOrigin);
|
|
is(res.statusText, "", "wrong status text for " + allowOrigin);
|
|
is(res.responseXML, null, "should have no XML for " + allowOrigin);
|
|
is(res.events.join(","),
|
|
"opening,rs1,sending,loadstart,rs2,rs4,error,loadend",
|
|
"wrong events in test for " + allowOrigin);
|
|
is(res.progressEvents, 0,
|
|
"wrong events in test for " + allowOrigin);
|
|
}
|
|
}
|
|
|
|
SimpleTest.finish();
|
|
|
|
yield undefined;
|
|
}
|
|
|
|
</script>
|
|
</pre>
|
|
</body>
|
|
</html>
|