From d8bbc7858622b6d9c278469aab701ca0b609cddf Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 15 May 2024 05:35:49 +0200 Subject: Merging upstream version 126.0. Signed-off-by: Daniel Baumann --- .../tests/browser_default_credentialless_fetch.js | 46 ++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 dom/fetch/tests/browser_default_credentialless_fetch.js (limited to 'dom/fetch/tests/browser_default_credentialless_fetch.js') diff --git a/dom/fetch/tests/browser_default_credentialless_fetch.js b/dom/fetch/tests/browser_default_credentialless_fetch.js new file mode 100644 index 0000000000..1c7e820d5f --- /dev/null +++ b/dom/fetch/tests/browser_default_credentialless_fetch.js @@ -0,0 +1,46 @@ +/* Any copyright is dedicated to the Public Domain. + https://creativecommons.org/publicdomain/zero/1.0/ */ + +"use strict"; + +const RESOURCE_URL = + getRootDirectory(gTestPath).replace( + "chrome://mochitests/content", + "https://example.com" + ) + "store_header.sjs"; + +add_task(async function test_fetch_defaults_to_credentialless() { + // Ensure cookie is set up: + let expiry = Date.now() / 1000 + 24 * 60 * 60; + Services.cookies.add( + "example.com", + "/", + "foo", + "bar", + false, + false, + false, + expiry, + {}, + Ci.nsICookie.SAMESITE_NONE, + Ci.nsICookie.SCHEME_HTTPS + ); + + // Explicitly send cookie header by using `same-origin` in the init dict, to + // ensure cookies are stored correctly and can be sent. + await fetch(RESOURCE_URL + "?checkheader", { credentials: "same-origin" }); + + Assert.equal( + await fetch(RESOURCE_URL + "?getstate").then(r => r.text()), + "hasCookie", + "Should have cookie when explicitly passing credentials info in 'checkheader' request." + ); + + // Check the default behaviour. + await fetch(RESOURCE_URL + "?checkheader"); + Assert.equal( + await fetch(RESOURCE_URL + "?getstate").then(r => r.text()), + "noCookie", + "Should not have cookie in the default case (no explicit credentials mode) for chrome privileged requests." + ); +}); -- cgit v1.2.3