1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/content/base/test/test_CrossSiteXHR_origin.html Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,168 @@
1.4 +<!DOCTYPE HTML>
1.5 +<html>
1.6 +<head>
1.7 + <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
1.8 + <title>Test for Cross Site XMLHttpRequest</title>
1.9 + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
1.10 + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
1.11 +</head>
1.12 +<body onload="gen.next()">
1.13 +<p id="display">
1.14 +<iframe id=loader></iframe>
1.15 +</p>
1.16 +<div id="content" style="display: none">
1.17 +
1.18 +</div>
1.19 +<pre id="test">
1.20 +<script class="testbody" type="application/javascript;version=1.8">
1.21 +
1.22 +SimpleTest.waitForExplicitFinish();
1.23 +
1.24 +var origins =
1.25 + [{ server: 'http://example.org' },
1.26 + { server: 'http://example.org:80',
1.27 + origin: 'http://example.org'
1.28 + },
1.29 + { server: 'http://sub1.test1.example.org' },
1.30 + { server: 'http://test2.example.org:8000' },
1.31 + { server: 'http://sub1.\xe4lt.example.org:8000',
1.32 + origin: 'http://sub1.xn--lt-uia.example.org:8000'
1.33 + },
1.34 + { server: 'http://sub2.\xe4lt.example.org',
1.35 + origin: 'http://sub2.xn--lt-uia.example.org'
1.36 + },
1.37 + { server: 'http://ex\xe4mple.test',
1.38 + origin: 'http://xn--exmple-cua.test'
1.39 + },
1.40 + { server: 'http://xn--exmple-cua.test' },
1.41 + { server: 'http://\u03c0\u03b1\u03c1\u03ac\u03b4\u03b5\u03b9\u03b3\u03bc\u03b1.\u03b4\u03bf\u03ba\u03b9\u03bc\u03ae',
1.42 + origin: 'http://xn--hxajbheg2az3al.xn--jxalpdlp'
1.43 + },
1.44 + { origin: 'http://example.org',
1.45 + file: 'jar:http://example.org/tests/content/base/test/file_CrossSiteXHR_inner.jar!/file_CrossSiteXHR_inner.html'
1.46 + },
1.47 + { origin: 'null',
1.48 + file: 'http://example.org/tests/content/base/test/file_CrossSiteXHR_inner_data.sjs'
1.49 + },
1.50 + ];
1.51 +
1.52 + //['https://example.com:443'],
1.53 + //['https://sub1.test1.example.com:443'],
1.54 +
1.55 +window.addEventListener("message", function(e) {
1.56 + gen.send(e.data);
1.57 +}, false);
1.58 +
1.59 +gen = runTest();
1.60 +
1.61 +function runTest() {
1.62 + var loader = document.getElementById('loader');
1.63 + var loaderWindow = loader.contentWindow;
1.64 + loader.onload = function () { gen.next() };
1.65 +
1.66 + // Test preflight-less requests
1.67 + basePath = "/tests/content/base/test/file_CrossSiteXHR_server.sjs?"
1.68 + baseURL = "http://mochi.test:8888" + basePath;
1.69 +
1.70 + for (originEntry of origins) {
1.71 + origin = originEntry.origin || originEntry.server;
1.72 +
1.73 + loader.src = originEntry.file ||
1.74 + (originEntry.server + "/tests/content/base/test/file_CrossSiteXHR_inner.html");
1.75 + yield undefined;
1.76 +
1.77 + var isNullOrigin = origin == "null";
1.78 +
1.79 + port = /:\d+/;
1.80 + passTests = [
1.81 + origin,
1.82 + "*",
1.83 + " \t " + origin + "\t \t",
1.84 + "\t \t* \t ",
1.85 + ];
1.86 + failTests = [
1.87 + "",
1.88 + " ",
1.89 + port.test(origin) ? origin.replace(port, "")
1.90 + : origin + ":1234",
1.91 + port.test(origin) ? origin.replace(port, ":")
1.92 + : origin + ":",
1.93 + origin + ".",
1.94 + origin + "/",
1.95 + origin + "#",
1.96 + origin + "?",
1.97 + origin + "\\",
1.98 + origin + "%",
1.99 + origin + "@",
1.100 + origin + "/hello",
1.101 + "foo:bar@" + origin,
1.102 + "* " + origin,
1.103 + origin + " " + origin,
1.104 + "allow <" + origin + ">",
1.105 + "<" + origin + ">",
1.106 + "<*>",
1.107 + origin.substr(0, 5) == "https" ? origin.replace("https", "http")
1.108 + : origin.replace("http", "https"),
1.109 + origin.replace("://", "://www."),
1.110 + origin.replace("://", ":// "),
1.111 + origin.replace(/\/[^.]+\./, "/"),
1.112 + ];
1.113 +
1.114 + if (isNullOrigin) {
1.115 + passTests = ["*", "\t \t* \t ", "null"];
1.116 + failTests = failTests.filter(function(v) { return v != origin });
1.117 + }
1.118 +
1.119 + for (allowOrigin of passTests) {
1.120 + req = {
1.121 + url: baseURL +
1.122 + "allowOrigin=" + escape(allowOrigin) +
1.123 + "&origin=" + escape(origin),
1.124 + method: "GET",
1.125 + };
1.126 + loaderWindow.postMessage(req.toSource(), isNullOrigin ? "*" : origin);
1.127 +
1.128 + res = eval(yield);
1.129 + is(res.didFail, false, "shouldn't have failed for " + allowOrigin);
1.130 + is(res.status, 200, "wrong status for " + allowOrigin);
1.131 + is(res.statusText, "OK", "wrong status text for " + allowOrigin);
1.132 + is(res.responseXML,
1.133 + "<res>hello pass</res>",
1.134 + "wrong responseXML in test for " + allowOrigin);
1.135 + is(res.responseText, "<res>hello pass</res>\n",
1.136 + "wrong responseText in test for " + allowOrigin);
1.137 + is(res.events.join(","),
1.138 + "opening,rs1,sending,loadstart,rs2,rs3,rs4,load,loadend",
1.139 + "wrong responseText in test for " + allowOrigin);
1.140 + }
1.141 +
1.142 + for (allowOrigin of failTests) {
1.143 + req = {
1.144 + url: baseURL + "allowOrigin=" + escape(allowOrigin),
1.145 + method: "GET",
1.146 + };
1.147 + loaderWindow.postMessage(req.toSource(), isNullOrigin ? "*" : origin);
1.148 +
1.149 + res = eval(yield);
1.150 + is(res.didFail, true, "should have failed for " + allowOrigin);
1.151 + is(res.responseText, "", "should have no text for " + allowOrigin);
1.152 + is(res.status, 0, "should have no status for " + allowOrigin);
1.153 + is(res.statusText, "", "wrong status text for " + allowOrigin);
1.154 + is(res.responseXML, null, "should have no XML for " + allowOrigin);
1.155 + is(res.events.join(","),
1.156 + "opening,rs1,sending,loadstart,rs2,rs4,error,loadend",
1.157 + "wrong events in test for " + allowOrigin);
1.158 + is(res.progressEvents, 0,
1.159 + "wrong events in test for " + allowOrigin);
1.160 + }
1.161 + }
1.162 +
1.163 + SimpleTest.finish();
1.164 +
1.165 + yield undefined;
1.166 +}
1.167 +
1.168 +</script>
1.169 +</pre>
1.170 +</body>
1.171 +</html>
