The Tor Browser / file diff

diff: content/base/test/test_bug466080.html

content/base/test/test_bug466080.html

changeset 0
6474c204b198
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/content/base/test/test_bug466080.html	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,125 @@
     1.4 +<!DOCTYPE HTML>
     1.5 +<html>
     1.6 +<head>
     1.7 +  <title>Test bug 466080</title>
     1.8 +  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
     1.9 +  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
    1.10 +</head>
    1.11 +<body onload="onWindowLoad()">
    1.12 +<iframe id="frame1"
    1.13 +        src="https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs"
    1.14 +        onload="document.iframeWasLoaded = true">
    1.15 + 
    1.16 + This iframe should load the resource via the src-attribute from
    1.17 + a secure server which requires a client-cert. Doing this is
    1.18 + supposed to work, but further below in the test we try to load
    1.19 + the resource from the same url using a XHR, which should not work.
    1.20 + 
    1.21 + TODO : What if we change 'src' from JS? Would/should it load?
    1.22 +
    1.23 +</iframe>
    1.24 +
    1.25 +<script class="testbody" type="text/javascript">
    1.26 +
    1.27 +document.iframeWasLoaded = false;
    1.28 +
    1.29 +var alltests = [
    1.30 +
    1.31 +// load resource from a relative url - this should work
    1.32 +  { url:"bug466080.sjs",
    1.33 +    status_check:"==200",
    1.34 +    error:"XHR from relative URL"},
    1.35 +
    1.36 +// TODO - load the resource from a relative url via https..?
    1.37 +
    1.38 +// load a non-existing resource - should get "404 Not Found"
    1.39 +  { url:"bug466080-does-not.exist",
    1.40 +    status_check:"==404",
    1.41 +    error:"XHR loading non-existing resource"},
    1.42 +
    1.43 +// load resource from cross-site non-secure server
    1.44 +  { url:"http://test1.example.com/tests/content/base/test/bug466080.sjs",
    1.45 +    status_check:"==200",
    1.46 +    error:"XHR from cross-site plaintext server"},
    1.47 +
    1.48 +// load resource from cross-site secure server - should work since no credentials are needed
    1.49 +  { url:"https://test1.example.com/tests/content/base/test/bug466080.sjs",
    1.50 +    status_check:"==200",
    1.51 +    error:"XHR from cross-site secure server"},
    1.52 +
    1.53 +// load resource from cross-site secure server - should work since the server just requests certs
    1.54 +  { url:"https://requestclientcert.example.com/tests/content/base/test/bug466080.sjs",
    1.55 +    status_check:"==200",
    1.56 +    error:"XHR from cross-site secure server requesting certificate"},
    1.57 +
    1.58 +// load resource from cross-site secure server - should NOT work since the server requires cert
    1.59 +// note that this is the url which is used in the iframe.src above
    1.60 +  { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
    1.61 +    status_check:"!=200",
    1.62 +    error:"XHR from cross-site secure server requiring certificate"},
    1.63 +
    1.64 +// repeat previous,  - should NOT work
    1.65 +  { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
    1.66 +    status_check:"==200",
    1.67 +    error:"XHR w/ credentials from cross-site secure server requiring certificate",
    1.68 +    withCredentials:"true"},
    1.69 +    
    1.70 +// repeat previous, but with credentials - should work
    1.71 +  { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
    1.72 +    status_check:"==200",
    1.73 +    error:"XHR w/ credentials from cross-site secure server requiring certificate",
    1.74 +    withCredentials:"true"},
    1.75 +
    1.76 +// repeat previous, withCredentials but using a weird method to force preflight
    1.77 +// should NOT work since our preflight is anonymous and will fail with our simple server
    1.78 +  { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",
    1.79 +    status_check:"!=200",
    1.80 +    error:"XHR PREFLIGHT from cross-site secure server requiring certificate",
    1.81 +    withCredentials:"true",
    1.82 +    method:"XMETHOD"},
    1.83 +    
    1.84 +];
    1.85 +
    1.86 +function onWindowLoad() {
    1.87 +    // First, check that resource was loaded into the iframe
    1.88 +    // This check in fact depends on bug #444165... :)
    1.89 +    ok(document.iframeWasLoaded, "Loading resource via src-attribute");
    1.90 +
    1.91 +
    1.92 +    function runTest(test) {
    1.93 +
    1.94 +        var xhr =  new XMLHttpRequest();
    1.95 +
    1.96 +        var method = "GET";
    1.97 +        if (test.method != null) { method = test.method; }
    1.98 +        xhr.open(method, test.url);
    1.99 +
   1.100 +        xhr.withCredentials = test.withCredentials;
   1.101 +
   1.102 +        SpecialPowers.wrap(xhr).setRequestHeader("Connection", "Keep-Alive", false);
   1.103 +
   1.104 +        try {
   1.105 +            xhr.send();
   1.106 +        } catch(e) {
   1.107 +        }
   1.108 +
   1.109 +        xhr.onloadend = function() {
   1.110 +            var success = eval(xhr.status + test.status_check);
   1.111 +            ok(success, test.error);
   1.112 +
   1.113 +            if (alltests.length == 0) {
   1.114 +                SimpleTest.finish();
   1.115 +            } else {
   1.116 +                runTest(alltests.shift());
   1.117 +            }
   1.118 +        };
   1.119 +    }
   1.120 +
   1.121 +    runTest(alltests.shift());
   1.122 +}
   1.123 +
   1.124 +SimpleTest.waitForExplicitFinish();
   1.125 +
   1.126 +</script>
   1.127 +</body>
   1.128 +</html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial