The Tor Browser / file comparison
comparison: content/base/test/test_bug466080.html
content/base/test/test_bug466080.html
- changeset 0
- 6474c204b198
equal
deleted
inserted
replaced
| -1:000000000000 | 0:d17fa85c88da |
|---|---|
| 1 <!DOCTYPE HTML> | |
| 2 <html> | |
| 3 <head> | |
| 4 <title>Test bug 466080</title> | |
| 5 <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> | |
| 6 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> | |
| 7 </head> | |
| 8 <body onload="onWindowLoad()"> | |
| 9 <iframe id="frame1" | |
| 10 src="https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs" | |
| 11 onload="document.iframeWasLoaded = true"> | |
| 12 | |
| 13 This iframe should load the resource via the src-attribute from | |
| 14 a secure server which requires a client-cert. Doing this is | |
| 15 supposed to work, but further below in the test we try to load | |
| 16 the resource from the same url using a XHR, which should not work. | |
| 17 | |
| 18 TODO : What if we change 'src' from JS? Would/should it load? | |
| 19 | |
| 20 </iframe> | |
| 21 | |
| 22 <script class="testbody" type="text/javascript"> | |
| 23 | |
| 24 document.iframeWasLoaded = false; | |
| 25 | |
| 26 var alltests = [ | |
| 27 | |
| 28 // load resource from a relative url - this should work | |
| 29 { url:"bug466080.sjs", | |
| 30 status_check:"==200", | |
| 31 error:"XHR from relative URL"}, | |
| 32 | |
| 33 // TODO - load the resource from a relative url via https..? | |
| 34 | |
| 35 // load a non-existing resource - should get "404 Not Found" | |
| 36 { url:"bug466080-does-not.exist", | |
| 37 status_check:"==404", | |
| 38 error:"XHR loading non-existing resource"}, | |
| 39 | |
| 40 // load resource from cross-site non-secure server | |
| 41 { url:"http://test1.example.com/tests/content/base/test/bug466080.sjs", | |
| 42 status_check:"==200", | |
| 43 error:"XHR from cross-site plaintext server"}, | |
| 44 | |
| 45 // load resource from cross-site secure server - should work since no credentials are needed | |
| 46 { url:"https://test1.example.com/tests/content/base/test/bug466080.sjs", | |
| 47 status_check:"==200", | |
| 48 error:"XHR from cross-site secure server"}, | |
| 49 | |
| 50 // load resource from cross-site secure server - should work since the server just requests certs | |
| 51 { url:"https://requestclientcert.example.com/tests/content/base/test/bug466080.sjs", | |
| 52 status_check:"==200", | |
| 53 error:"XHR from cross-site secure server requesting certificate"}, | |
| 54 | |
| 55 // load resource from cross-site secure server - should NOT work since the server requires cert | |
| 56 // note that this is the url which is used in the iframe.src above | |
| 57 { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs", | |
| 58 status_check:"!=200", | |
| 59 error:"XHR from cross-site secure server requiring certificate"}, | |
| 60 | |
| 61 // repeat previous, - should NOT work | |
| 62 { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs", | |
| 63 status_check:"==200", | |
| 64 error:"XHR w/ credentials from cross-site secure server requiring certificate", | |
| 65 withCredentials:"true"}, | |
| 66 | |
| 67 // repeat previous, but with credentials - should work | |
| 68 { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs", | |
| 69 status_check:"==200", | |
| 70 error:"XHR w/ credentials from cross-site secure server requiring certificate", | |
| 71 withCredentials:"true"}, | |
| 72 | |
| 73 // repeat previous, withCredentials but using a weird method to force preflight | |
| 74 // should NOT work since our preflight is anonymous and will fail with our simple server | |
| 75 { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs", | |
| 76 status_check:"!=200", | |
| 77 error:"XHR PREFLIGHT from cross-site secure server requiring certificate", | |
| 78 withCredentials:"true", | |
| 79 method:"XMETHOD"}, | |
| 80 | |
| 81 ]; | |
| 82 | |
| 83 function onWindowLoad() { | |
| 84 // First, check that resource was loaded into the iframe | |
| 85 // This check in fact depends on bug #444165... :) | |
| 86 ok(document.iframeWasLoaded, "Loading resource via src-attribute"); | |
| 87 | |
| 88 | |
| 89 function runTest(test) { | |
| 90 | |
| 91 var xhr = new XMLHttpRequest(); | |
| 92 | |
| 93 var method = "GET"; | |
| 94 if (test.method != null) { method = test.method; } | |
| 95 xhr.open(method, test.url); | |
| 96 | |
| 97 xhr.withCredentials = test.withCredentials; | |
| 98 | |
| 99 SpecialPowers.wrap(xhr).setRequestHeader("Connection", "Keep-Alive", false); | |
| 100 | |
| 101 try { | |
| 102 xhr.send(); | |
| 103 } catch(e) { | |
| 104 } | |
| 105 | |
| 106 xhr.onloadend = function() { | |
| 107 var success = eval(xhr.status + test.status_check); | |
| 108 ok(success, test.error); | |
| 109 | |
| 110 if (alltests.length == 0) { | |
| 111 SimpleTest.finish(); | |
| 112 } else { | |
| 113 runTest(alltests.shift()); | |
| 114 } | |
| 115 }; | |
| 116 } | |
| 117 | |
| 118 runTest(alltests.shift()); | |
| 119 } | |
| 120 | |
| 121 SimpleTest.waitForExplicitFinish(); | |
| 122 | |
| 123 </script> | |
| 124 </body> | |
| 125 </html> |
