• file
• revisions
• annotate
• diff
• comparison
• raw

content/base/test/test_bug466080.html@b8a032363ba2 (annotated)

content/base/test/test_bug466080.html

Thu, 22 Jan 2015 13:21:57 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Thu, 22 Jan 2015 13:21:57 +0100

branch

TOR_BUG_9701

changeset 15

b8a032363ba2

permissions

-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0	1	<!DOCTYPE HTML>
michael@0	2	<html>
michael@0	3	<head>
michael@0	4	<title>Test bug 466080</title>
michael@0	5	<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
michael@0	6	<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
michael@0	7	</head>
michael@0	8	<body onload="onWindowLoad()">
michael@0	9	<iframe id="frame1"
michael@0	10	src="https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs"
michael@0	11	onload="document.iframeWasLoaded = true">
michael@0	12
michael@0	13	This iframe should load the resource via the src-attribute from
michael@0	14	a secure server which requires a client-cert. Doing this is
michael@0	15	supposed to work, but further below in the test we try to load
michael@0	16	the resource from the same url using a XHR, which should not work.
michael@0	17
michael@0	18	TODO : What if we change 'src' from JS? Would/should it load?
michael@0	19
michael@0	20	</iframe>
michael@0	21
michael@0	22	<script class="testbody" type="text/javascript">
michael@0	23
michael@0	24	document.iframeWasLoaded = false;
michael@0	25
michael@0	26	var alltests = [
michael@0	27
michael@0	28	// load resource from a relative url - this should work
michael@0	29	{ url:"bug466080.sjs",
michael@0	30	status_check:"==200",
michael@0	31	error:"XHR from relative URL"},
michael@0	32
michael@0	33	// TODO - load the resource from a relative url via https..?
michael@0	34
michael@0	35	// load a non-existing resource - should get "404 Not Found"
michael@0	36	{ url:"bug466080-does-not.exist",
michael@0	37	status_check:"==404",
michael@0	38	error:"XHR loading non-existing resource"},
michael@0	39
michael@0	40	// load resource from cross-site non-secure server
michael@0	41	{ url:"http://test1.example.com/tests/content/base/test/bug466080.sjs",
michael@0	42	status_check:"==200",
michael@0	43	error:"XHR from cross-site plaintext server"},
michael@0	44
michael@0	45	// load resource from cross-site secure server - should work since no credentials are needed
michael@0	46	{ url:"https://test1.example.com/tests/content/base/test/bug466080.sjs",
michael@0	47	status_check:"==200",
michael@0	48	error:"XHR from cross-site secure server"},
michael@0	49
michael@0	50	// load resource from cross-site secure server - should work since the server just requests certs
michael@0	51	{ url:"https://requestclientcert.example.com/tests/content/base/test/bug466080.sjs",
michael@0	52	status_check:"==200",
michael@0	53	error:"XHR from cross-site secure server requesting certificate"},
michael@0	54
michael@0	55	// load resource from cross-site secure server - should NOT work since the server requires cert
michael@0	56	// note that this is the url which is used in the iframe.src above
michael@0	57	{ url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
michael@0	58	status_check:"!=200",
michael@0	59	error:"XHR from cross-site secure server requiring certificate"},
michael@0	60
michael@0	61	// repeat previous, - should NOT work
michael@0	62	{ url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
michael@0	63	status_check:"==200",
michael@0	64	error:"XHR w/ credentials from cross-site secure server requiring certificate",
michael@0	65	withCredentials:"true"},
michael@0	66
michael@0	67	// repeat previous, but with credentials - should work
michael@0	68	{ url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
michael@0	69	status_check:"==200",
michael@0	70	error:"XHR w/ credentials from cross-site secure server requiring certificate",
michael@0	71	withCredentials:"true"},
michael@0	72
michael@0	73	// repeat previous, withCredentials but using a weird method to force preflight
michael@0	74	// should NOT work since our preflight is anonymous and will fail with our simple server
michael@0	75	{ url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
michael@0	76	status_check:"!=200",
michael@0	77	error:"XHR PREFLIGHT from cross-site secure server requiring certificate",
michael@0	78	withCredentials:"true",
michael@0	79	method:"XMETHOD"},
michael@0	80
michael@0	81	];
michael@0	82
michael@0	83	function onWindowLoad() {
michael@0	84	// First, check that resource was loaded into the iframe
michael@0	85	// This check in fact depends on bug #444165... :)
michael@0	86	ok(document.iframeWasLoaded, "Loading resource via src-attribute");
michael@0	87
michael@0	88
michael@0	89	function runTest(test) {
michael@0	90
michael@0	91	var xhr = new XMLHttpRequest();
michael@0	92
michael@0	93	var method = "GET";
michael@0	94	if (test.method != null) { method = test.method; }
michael@0	95	xhr.open(method, test.url);
michael@0	96
michael@0	97	xhr.withCredentials = test.withCredentials;
michael@0	98
michael@0	99	SpecialPowers.wrap(xhr).setRequestHeader("Connection", "Keep-Alive", false);
michael@0	100
michael@0	101	try {
michael@0	102	xhr.send();
michael@0	103	} catch(e) {
michael@0	104	}
michael@0	105
michael@0	106	xhr.onloadend = function() {
michael@0	107	var success = eval(xhr.status + test.status_check);
michael@0	108	ok(success, test.error);
michael@0	109
michael@0	110	if (alltests.length == 0) {
michael@0	111	SimpleTest.finish();
michael@0	112	} else {
michael@0	113	runTest(alltests.shift());
michael@0	114	}
michael@0	115	};
michael@0	116	}
michael@0	117
michael@0	118	runTest(alltests.shift());
michael@0	119	}
michael@0	120
michael@0	121	SimpleTest.waitForExplicitFinish();
michael@0	122
michael@0	123	</script>
michael@0	124	</body>
michael@0	125	</html>