// META: script=/common/get-host-info.sub.js

const crossOriginURL = get_host_info().HTTP_REMOTE_ORIGIN + "/fetch/cross-origin-resource-policy/resources/hello.py?corp=";

[
  "same",
  "same, same-origin",
  "SAME-ORIGIN",
  "Same-Origin",
  "same-origin, <>",
  "same-origin, same-origin",
  "https://www.example.com",  // See https://github.com/whatwg/fetch/issues/760
].forEach(incorrectHeaderValue => {
  // Note: an incorrect value results in a successful load, so this test is only meaningful in
  // implementations with support for the header.
  promise_test(t => {
    return fetch(crossOriginURL + encodeURIComponent(incorrectHeaderValue), { mode: "no-cors" });
  }, "Parsing Cross-Origin-Resource-Policy: " + incorrectHeaderValue);
});