1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
<!DOCTYPE html>
<head>
<meta charset="utf-8" />
<meta name="timeout" content="long">
<title>This test validates the response status of resources.</title>
<link rel="help" href="https://www.w3.org/TR/resource-timing-2/#sec-performanceresourcetiming"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="resources/entry-invariants.js"></script>
<script src="resources/resource-loaders.js"></script>
<script src="/common/get-host-info.sub.js"></script>
</head>
<body>
<script>
const {ORIGIN, REMOTE_ORIGIN} = get_host_info();
const SAME_ORIGIN = location.origin;
const status_codes = [
200, 203,
400, 401, 403, 404,
500, 501, 502, 503,
];
const load_image_object = async path => {
return load.object(path, "image/png");
}
const load_null_object = async path => {
return load.object(path, null);
}
// Response status for same origin resources is exposed.
for(const loader of [
load.font,
load.image,
load.script,
load.stylesheet,
load.xhr_sync,
load.xhr_async,
load.iframe,
load_image_object,
load_null_object
]) {
for(const status of status_codes) {
let path = (loader == load.font) ? '/fonts/pass.woff' :
'/resource-timing/resources/empty.js';
path += `?pipe=status(${status})`;
attribute_test(
loader, new URL(path, ORIGIN),
entry => {
assert_equals(entry.responseStatus, status,
`response status for ${entry.name} should be ${status}`);
}
);
}
}
// Response status is exposed for CORS requests for cross-origin resources.
for(const loader of [
load.image_with_attrs,
load.script_with_attrs,
load.stylesheet_with_attrs
]) {
for(const status of status_codes) {
const path = `/resource-timing/resources/empty.js?pipe=status(${status})`
+ `|header(access-control-allow-origin, ${ORIGIN})`;
loader_with_crossOrigin_attr = async url => {
return loader(url, {"crossOrigin": "anonymous"});
}
attribute_test(
loader_with_crossOrigin_attr, new URL(path, REMOTE_ORIGIN),
entry => {
assert_equals(entry.responseStatus, status,
`response status for ${entry.name} should be ${status}`);
}
);
}
}
// Response status is 0 when a no-cors request is made for cross origin
// fonts, images, scripts, stylesheets.
// Response status is 0 when request's mode is "navigate" and response's
// URL's origin is not same origin with request's origin. So response
// status is not exposed for cross origin iframes.
for(const loader of [
load.font,
load.image,
load.script,
load.stylesheet,
load.iframe,
load_image_object,
load_null_object
]) {
for(const tao of [false, true]) {
for(const status of status_codes) {
let path = (loader == load.font) ? '/fonts/pass.woff' :
'/resource-timing/resources/empty.js';
path += `?pipe=status(${status})`;
if (tao) {
path += `|header(timing-allow-origin, *)`;
}
attribute_test(
loader, new URL(path, REMOTE_ORIGIN),
entry => {
assert_equals(entry.responseStatus, 0,
`response status for ${entry.name} should be 0`);
}
);
}
}
}
// Response status for iframes is 0 when cross origin redirects are present
// Same-Origin => Cross-Origin => Same-Origin => Same-Origin redirect chain
for(const loader of [
load.iframe,
load_null_object
]) {
for(const status of status_codes) {
const destUrl =
`${SAME_ORIGIN}/resource-timing/resources/multi_redirect.py` +
`?page_origin=${SAME_ORIGIN}` +
`&cross_origin=${REMOTE_ORIGIN}` +
`&final_resource=` +
`/resource-timing/resources/empty.js?pipe=status(${status})`;
attribute_test(
loader, new URL(destUrl),
entry => {
assert_equals(entry.responseStatus, 0,
`response status should be 0 for iframes having cross origin`
+ ` redirects`);
}
);
}
}
// Response status for iframes is exposed for same origin redirects
for(const loader of [
load.iframe,
load_null_object
]) {
for(const status of status_codes) {
const destUrl = `${SAME_ORIGIN}/resource-timing/resources/redirect-cors.py`
+ `?location=${SAME_ORIGIN}/resource-timing/resources/empty.js`
+ `?pipe=status(${status})`;
attribute_test(
loader, new URL(destUrl),
entry => {
assert_equals(entry.responseStatus, status,
`response status should be exposed for iframes having only same`
+ ` origin redirects`);
}
);
}
};
</script>
</body>
</html>
|