content/base/test/test_xhr_forbidden_headers.html

changeset 0
6474c204b198
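--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/content/base/test/test_xhr_forbidden_headers.html	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,96 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=308484
+-->
+<head>
+  <title>Test for Bug 308484</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=308484">Mozilla Bug 308484</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Bug 308484 **/
+
+var headers = [
+  "aCCept-chaRset",
+  "acCePt-eNcoDing",
+  "aCcEsS-cOnTrOl-ReQuEsT-mEtHoD",
+  "aCcEsS-cOnTrOl-ReQuEsT-hEaDeRs",
+  "coNnEctIon",
+  "coNtEnt-LEngth",
+  "CoOKIe",
+  "cOOkiE2",
+  "cOntEnt-tRAnsFer-enCoDiNg",
+  "DATE",
+  "dNT",
+  "exPeCt",
+  "hOSt",
+  "keep-alive",
+  "oRiGiN",
+  "reFERer",
+  "te",
+  "trAiLer",
+  "trANsfEr-eNcoDiNg",
+  "uPGraDe",
+  "user-AGENT",
+  "viA",
+  "pRoxy-",
+  "sEc-",
+  "proxy-fOobar",
+  "sec-bAZbOx"
+];
+var i, request;
+
+function  startTest() {
+  // Try setting headers in unprivileged context
+  request = new XMLHttpRequest();
+  request.open("GET", window.location.href);
+  for (i = 0; i < headers.length; i++)
+    request.setRequestHeader(headers[i], "test" + i);
+
+  // Read out headers
+  var channel = SpecialPowers.wrap(request).channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel);
+  for (i = 0; i < headers.length; i++) {
+    // Retrieving Content-Length will throw an exception
+    var value = null;
+    try {
+      value = channel.getRequestHeader(headers[i]);
+    }
+    catch(e) {}
+
+    isnot(value, "test" + i, "Setting " + headers[i] + " header in unprivileged context");
+  }
+
+  // Try setting headers in privileged context
+  request = new XMLHttpRequest({mozAnon: true, mozSystem: true});
+  request.open("GET", window.location.href);
+  for (i = 0; i < headers.length; i++)
+    request.setRequestHeader(headers[i], "test" + i);
+
+  // Read out headers
+  var channel = SpecialPowers.wrap(request).channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel);
+  for (i = 0; i < headers.length; i++) {
+    var value = channel.getRequestHeader(headers[i]);
+    is(value, "test" + i, "Setting " + headers[i] + " header in privileged context");
+  }
+
+  SimpleTest.finish();
+}
+
+SimpleTest.waitForExplicitFinish();
+
+addLoadEvent(function() {
+   SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], startTest);
+});
+</script>
+</pre>
+</body>
+</html>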
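Review bot: The unprivileged-context assertion `isnot(value, "test" + i, ...)` in `startTest` fails only when the read-back value equals the injected string exactly. If a forbidden header were accepted but merged into a value the browser already sets (for example a comma-joined list), the test would still pass. A containment check is stricter: `ok(value === null || value.indexOf("test" + i) == -1, "Setting " + headers[i] + " header in unprivileged context");`. The empty `catch(e) {}` just above also turns any read-back failure into a pass, although the comment names only Content-Length as expected to throw. Consider recording which header threw, or asserting that only the expected ones do, so a broken `channel` cannot make the negative half pass vacuously.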
