content/base/test/test_xhr_forbidden_headers.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 <!DOCTYPE HTML>
michael@0 2 <html>
michael@0 3 <!--
michael@0 4 https://bugzilla.mozilla.org/show_bug.cgi?id=308484
michael@0 5 -->
michael@0 6 <head>
michael@0 7 <title>Test for Bug 308484</title>
michael@0 8 <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
michael@0 9 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
michael@0 10 </head>
michael@0 11 <body>
michael@0 12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=308484">Mozilla Bug 308484</a>
michael@0 13 <p id="display"></p>
michael@0 14 <div id="content" style="display: none">
michael@0 15
michael@0 16 </div>
michael@0 17 <pre id="test">
michael@0 18 <script class="testbody" type="text/javascript">
michael@0 19
michael@0 20 /** Test for Bug 308484 **/
michael@0 21
// Header names that this test tries to set through
// XMLHttpRequest.setRequestHeader(). The unprivileged pass expects none of
// them to stick; the privileged pass expects all of them to. Header names are
// case-insensitive, so the irregular casing presumably checks that the
// filtering does not depend on an exact spelling. The order matters only for
// the "test<index>" values and the assertion messages built from it.
var headers = [
  // Individually named headers.
  "aCCept-chaRset",
  "acCePt-eNcoDing",
  "aCcEsS-cOnTrOl-ReQuEsT-mEtHoD",
  "aCcEsS-cOnTrOl-ReQuEsT-hEaDeRs",
  "coNnEctIon",
  "coNtEnt-LEngth",
  "CoOKIe",
  "cOOkiE2",
  "cOntEnt-tRAnsFer-enCoDiNg",
  "DATE",
  "dNT",
  "exPeCt",
  "hOSt",
  "keep-alive",
  "oRiGiN",
  "reFERer",
  "te",
  "trAiLer",
  "trANsfEr-eNcoDiNg",
  "uPGraDe",
  "user-AGENT",
  "viA",

  // The bare "Proxy-" / "Sec-" prefixes, then one longer name under each
  // prefix.
  "pRoxy-",
  "sEc-",
  "proxy-fOobar",
  "sec-bAZbOx"
];

// Shared loop counter and the XMLHttpRequest under test; startTest() assigns
// both.
var i;
var request;
michael@0 51
/**
 * Runs both halves of the test and then finishes it.
 *
 * First a plain XMLHttpRequest tries to set every name in `headers` to
 * "test<index>", and the underlying nsIHttpChannel is read back to confirm
 * that none of those values arrived. Then an XMLHttpRequest created with
 * {mozAnon: true, mozSystem: true} does the same, and every value is expected
 * to be present. Uses the page-level `headers`, `i` and `request` variables.
 */
function startTest() {
  var httpChannel;
  var observed;

  // Opens a GET to this page on the shared `request` and asks for every
  // listed header to be set to "test" + its index. Nothing is ever sent.
  function openAndSetAll() {
    request.open("GET", window.location.href);
    i = 0;
    while (i < headers.length) {
      request.setRequestHeader(headers[i], "test" + i);
      i += 1;
    }
  }

  // Returns the nsIHttpChannel behind the shared `request`, so that the
  // headers that actually reached the channel can be inspected.
  function underlyingChannel() {
    var wrapped = SpecialPowers.wrap(request);
    return wrapped.channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel);
  }

  // Unprivileged context: none of the values may reach the channel.
  request = new XMLHttpRequest();
  openAndSetAll();
  httpChannel = underlyingChannel();
  i = 0;
  while (i < headers.length) {
    observed = null;
    try {
      observed = httpChannel.getRequestHeader(headers[i]);
    } catch (e) {
      // Deliberately ignored: the original author notes that retrieving
      // Content-Length throws. Every exception is treated as "header not
      // set" here; the privileged pass below reads the same headers without
      // a try, so a getRequestHeader() that always threw would surface there.
    }

    // NOTE(review): this is an exact-match comparison, so it would not notice
    // a test value that had been combined with an existing header value.
    isnot(observed, "test" + i, "Setting " + headers[i] + " header in unprivileged context");
    i += 1;
  }

  // Privileged context: every value is expected to be set exactly.
  request = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  openAndSetAll();
  httpChannel = underlyingChannel();
  i = 0;
  while (i < headers.length) {
    observed = httpChannel.getRequestHeader(headers[i]);
    is(observed, "test" + i, "Setting " + headers[i] + " header in privileged context");
    i += 1;
  }

  SimpleTest.finish();
}
michael@0 87
// The test ends only when startTest() calls SimpleTest.finish(), so tell the
// harness not to finish it when the page has loaded.
SimpleTest.waitForExplicitFinish();

// Once the page has loaded, grant this document the 'systemXHR' permission and
// run startTest() as the callback. Presumably the mozSystem request in the
// privileged half of the test is only honoured with this permission in place.
addLoadEvent(function grantSystemXHRThenRun() {
  var systemXHRGrant = {'type': 'systemXHR', 'allow': true, 'context': document};
  SpecialPowers.pushPermissions([systemXHRGrant], startTest);
});
michael@0 93 </script>
michael@0 94 </pre>
michael@0 95 </body>
michael@0 96 </html>
