content/base/test/test_xhr_forbidden_headers.html

changeset 0
6474c204b198
-1:000000000000 0:1d12ea6e037c
1 <!DOCTYPE HTML>
2 <html>
3 <!--
4 https://bugzilla.mozilla.org/show_bug.cgi?id=308484
5 -->
6 <head>
7 <title>Test for Bug 308484</title>
8 <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
9 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
10 </head>
11 <body>
12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=308484">Mozilla Bug 308484</a>
13 <p id="display"></p>
14 <div id="content" style="display: none">
15
16 </div>
17 <pre id="test">
18 <script class="testbody" type="text/javascript">
19
20 /** Test for Bug 308484 **/
21
22 var headers = [
23 "aCCept-chaRset",
24 "acCePt-eNcoDing",
25 "aCcEsS-cOnTrOl-ReQuEsT-mEtHoD",
26 "aCcEsS-cOnTrOl-ReQuEsT-hEaDeRs",
27 "coNnEctIon",
28 "coNtEnt-LEngth",
29 "CoOKIe",
30 "cOOkiE2",
31 "cOntEnt-tRAnsFer-enCoDiNg",
32 "DATE",
33 "dNT",
34 "exPeCt",
35 "hOSt",
36 "keep-alive",
37 "oRiGiN",
38 "reFERer",
39 "te",
40 "trAiLer",
41 "trANsfEr-eNcoDiNg",
42 "uPGraDe",
43 "user-AGENT",
44 "viA",
45 "pRoxy-",
46 "sEc-",
47 "proxy-fOobar",
48 "sec-bAZbOx"
49 ];
50 var i, request;
51
52 function startTest() {
53 // Try setting headers in unprivileged context
54 request = new XMLHttpRequest();
55 request.open("GET", window.location.href);
56 for (i = 0; i < headers.length; i++)
57 request.setRequestHeader(headers[i], "test" + i);
58
59 // Read out headers
60 var channel = SpecialPowers.wrap(request).channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel);
61 for (i = 0; i < headers.length; i++) {
62 // Retrieving Content-Length will throw an exception
63 var value = null;
64 try {
65 value = channel.getRequestHeader(headers[i]);
66 }
67 catch(e) {}
68
69 isnot(value, "test" + i, "Setting " + headers[i] + " header in unprivileged context");
70 }
71
72 // Try setting headers in privileged context
73 request = new XMLHttpRequest({mozAnon: true, mozSystem: true});
74 request.open("GET", window.location.href);
75 for (i = 0; i < headers.length; i++)
76 request.setRequestHeader(headers[i], "test" + i);
77
78 // Read out headers
79 var channel = SpecialPowers.wrap(request).channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel);
80 for (i = 0; i < headers.length; i++) {
81 var value = channel.getRequestHeader(headers[i]);
82 is(value, "test" + i, "Setting " + headers[i] + " header in privileged context");
83 }
84
85 SimpleTest.finish();
86 }
87
88 SimpleTest.waitForExplicitFinish();
89
90 addLoadEvent(function() {
91 SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], startTest);
92 });
93 </script>
94 </pre>
95 </body>
96 </html>
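Review bot: The unprivileged assertion at line 69 only proves the stored value is not exactly `"test" + i`, so a forbidden header whose test value was appended to a channel-supplied one (a merged `User-Agent` or `Host`, if the implementation ever merged) would still pass. A containment check is stricter: `ok(value === null || value.indexOf("test" + i) == -1, "Setting " + headers[i] + " header in unprivileged context");`. The empty `catch(e) {}` at line 67 also swallows every failure of `getRequestHeader`, while the comment at line 62 names only Content-Length; presumably an unset header is the expected case for every entry, and the comment should say so, for example `// getRequestHeader throws when the header was never set, which is the expected outcome here`. The privileged loop at lines 80-83 has no such guard, so a throw there skips `SimpleTest.finish()` and the failure surfaces only as a timeout.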
