Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(231)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async.html

Issue 9956108: Merge 112997 - REGRESSION (r112217): H&R Block tax site won't load (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/1084/
Patch Set: Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async.html
===================================================================
--- LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async.html (revision 113060)
+++ LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async.html (working copy)
@@ -12,13 +12,13 @@
document.getElementById('console').appendChild(document.createTextNode(message + '\n'));
}
-function runTestAsync(url, forcePreflight, expectSuccess) {
+function runTestAsync(url, addCustomHeader, expectSuccess) {
log("Testing " + url);
log("Expecting success: " + expectSuccess);
xhr = new XMLHttpRequest();
xhr.open("GET", url, true);
- if (forcePreflight)
+ if (addCustomHeader)
xhr.setRequestHeader("x-webkit", "foo");
xhr.onload = function() {
@@ -32,8 +32,8 @@
xhr.send(null);
}
-var simple = false;
-var preflight = true;
+var noCustomHeader = false;
+var addCustomHeader = true;
var succeeds = true;
var fails = false;
@@ -41,59 +41,63 @@
// 1) Test simple same origin requests that receive cross origin redirects.
// Request receives a cross-origin redirect response without CORS headers. The redirect response fails the access check.
-["resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi",
- simple, fails],
+["resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi",
+ noCustomHeader, fails],
// Request receives a cross-origin redirect response with CORS headers. The redirect response passes the access check,
// but the resource response fails its access check because the security origin is a globally unique identifier after
// the redirect and the same origin XHR has 'allowCredentials' true.
-["resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
+["resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
access-control-allow-origin=http://localhost:8000&\
access-control-allow-credentials=true",
- simple, fails],
+ noCustomHeader, fails],
// Same as above, but to a less permissive resource that only allows the requesting origin.
-["resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow.cgi&\
+["resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow.cgi&\
access-control-allow-origin=http://localhost:8000&\
access-control-allow-credentials=true",
- simple, fails],
+ noCustomHeader, fails],
// 2) Test simple cross origin requests that receive redirects.
// Receives a redirect response without CORS headers. The redirect response fails the access check.
-["http://127.0.0.1:8000/xmlhttprequest/resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi",
- simple, fails],
+["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi",
+ noCustomHeader, fails],
// Receives a redirect response with CORS headers. The redirect response passes the access check and the resource response
// passes the access check.
-["http://127.0.0.1:8000/xmlhttprequest/resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
+["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
access-control-allow-origin=http://localhost:8000",
- simple, succeeds],
+ noCustomHeader, succeeds],
// Receives a redirect response with a URL containing the userinfo production.
-["http://127.0.0.1:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
+["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=http://username:password@localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
access-control-allow-origin=http://localhost:8000",
- simple, fails],
+ noCustomHeader, fails],
// Receives a redirect response with a URL with an unsupported scheme.
-["http://127.0.0.1:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&\
+["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?url=foo://bar.cgi&\
access-control-allow-origin=http://localhost:8000",
- simple, fails],
+ noCustomHeader, fails],
// 3) Test preflighted cross origin requests that receive redirects.
// Receives a redirect response to the preflight request and fails.
-["http://127.0.0.1:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&\
- url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
+["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=true&\
+ url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
access-control-allow-origin=*",
- preflight, fails],
+ addCustomHeader, fails],
// Successful preflight and receives a redirect response to the actual request and fails.
-["http://127.0.0.1:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=false&\
- url=http://127.0.0.1:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
+["http://localhost:8000/xmlhttprequest/resources/redirect-cors.php?redirect-preflight=false&\
+ url=http://localhost:8000/xmlhttprequest/resources/access-control-basic-allow-star.cgi&\
access-control-allow-origin=*&\
access-control-allow-headers=x-webkit",
- preflight, fails],
+ addCustomHeader, fails],
+
+// 4) Test same origin requests with a custom header that receive a same origin redirect.
+["resources/redirect-cors.php?url=http://127.0.0.1:8000/xmlhttprequest/resources/get.txt",
+ addCustomHeader, succeeds],
]
var currentTest = 0;
« no previous file with comments | « no previous file | LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698