diff options
Diffstat (limited to 'test/wpt/tests/xhr/send-redirect-to-cors.htm')
-rw-r--r-- | test/wpt/tests/xhr/send-redirect-to-cors.htm | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/test/wpt/tests/xhr/send-redirect-to-cors.htm b/test/wpt/tests/xhr/send-redirect-to-cors.htm new file mode 100644 index 0000000..54d7eb5 --- /dev/null +++ b/test/wpt/tests/xhr/send-redirect-to-cors.htm @@ -0,0 +1,92 @@ +<!doctype html> +<html> + <head> + <title>XMLHttpRequest: send() - Redirect to CORS-enabled resource</title> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + </head> + <body> + <div id="log"></div> + <script> + function extractBody(body) { + if (body === null) { + return { body: "", type: "NO" }; + } + if (typeof body === "string") { + return { body: body, type: "text/plain;charset=UTF-8" }; + } + if (body instanceof Uint8Array) { + const arr = Array.prototype.slice.call(body); + return { body: String.fromCharCode.apply(null, arr), type: "NO" } + } + return { body: "EXTRACT NOT IMPLEMENTED", type: "EXTRACT NOT IMPLEMENTED" } + } + + function redirect(code, name = code, method = "GET", body = null, explicitType = null, safelistContentType = false) { + async_test(t => { + let { body: expectedBody, type: expectedType } = extractBody(body); + if (explicitType !== null) { + expectedType = explicitType; + } + let expectedMethod = method; + if (((code === "301" || code === "302") && method === "POST") || (code === "303" && method !== "GET" && method !== "HEAD")) { + expectedMethod = "GET"; + expectedBody = ""; + expectedType = "NO"; + } + const client = new XMLHttpRequest(); + client.onreadystatechange = t.step_func(() => { + if (client.readyState === 4) { + if ((expectedMethod === "GET" && expectedType === "NO") || explicitType !== "application/x-pony" || safelistContentType) { + assert_equals(client.status, 200); + assert_equals(client.getResponseHeader("x-request-method"), expectedMethod); + assert_equals(client.getResponseHeader("x-request-content-type"), expectedType); + assert_equals(client.getResponseHeader("x-request-data"), expectedBody); + } else { + // "application/x-pony" is not safelisted by corsenabled.py -> network error + assert_equals(client.status, 0); + assert_equals(client.statusText, ""); + assert_equals(client.responseText, ""); + assert_equals(client.responseXML, null); + } + t.done(); + } + }); + let safelist = ""; + if (safelistContentType) { + safelist = "?safelist_content_type"; + } + client.open(method, "resources/redirect.py?location="+encodeURIComponent("http://www2."+location.host+(location.pathname.replace(/[^\/]+$/, ''))+'resources/corsenabled.py')+safelist+"&code=" + code); + if (explicitType !== null) { + client.setRequestHeader("Content-Type", explicitType); + } + client.send(body); + }, document.title + " (" + name + ")"); + } + // corsenabled.py safelists methods GET, POST, PUT, and FOO + redirect("301") + redirect("301", "301 GET with explicit Content-Type", "GET", null, "application/x-pony") + redirect("301", "301 GET with explicit Content-Type safelisted", "GET", null, "application/x-pony", true) + redirect("303", "303 GET with explicit Content-Type safelisted", "GET", null, "application/x-pony", true) + redirect("302") + redirect("303") + redirect("302", "302 FOO with string and explicit Content-Type safelisted", "FOO", "test", "application/x-pony", true) + redirect("303", "303 FOO with string and explicit Content-Type safelisted", "FOO", "test", "application/x-pony", true) + redirect("307") + redirect("307", "307 post with null", "POST", null) + redirect("307", "307 post with string", "POST", "hello") + redirect("307", "307 post with typed array", "POST", new Uint8Array([65, 66, 67])) + redirect("301", "301 POST with string and explicit Content-Type", "POST", "yoyo", "application/x-pony") + redirect("301", "301 POST with string and explicit Content-Type safelisted", "POST", "yoyo", "application/x-pony", true) + redirect("302", "302 POST with string and explicit Content-Type", "POST", "yoyo", "application/x-pony") + redirect("307", "307 POST with string and explicit Content-Type", "POST", "yoyo", "application/x-pony") + redirect("307", "307 FOO with string and explicit Content-Type", "FOO", "yoyo", "application/x-pony") + redirect("308", "308 POST with string and explicit Content-Type", "POST", "yoyo", "application/x-pony") + redirect("308", "308 FOO with string and explicit Content-Type", "FOO", "yoyo", "application/x-pony") + redirect("308", "308 FOO with string and explicit Content-Type text/plain", "FOO", "yoyo", "text/plain") + redirect("308", "308 FOO with string and explicit Content-Type multipart/form-data", "FOO", "yoyo", "multipart/form-data") + redirect("308", "308 FOO with string and explicit Content-Type safelisted", "FOO", "yoyo", "application/thunderstorm", true) + redirect("307", "307 POST with string and explicit Content-Type safelisted", "POST", "yoyo", "application/thunderstorm", true) + </script> + </body> +</html> |