The Tor Browser / file revision

content/base/test/test_bug466080.html@6474c204b198

content/base/test/test_bug466080.html

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 <!DOCTYPE HTML>

     2 <html>

     3 <head>

     4   <title>Test bug 466080</title>

     5   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        

     6   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />

     7 </head>

     8 <body onload="onWindowLoad()">

     9 <iframe id="frame1"

    10         src="https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs"

    11         onload="document.iframeWasLoaded = true">

    12  

    13  This iframe should load the resource via the src-attribute from

    14  a secure server which requires a client-cert. Doing this is

    15  supposed to work, but further below in the test we try to load

    16  the resource from the same url using a XHR, which should not work.

    17  

    18  TODO : What if we change 'src' from JS? Would/should it load?

    19 

    20 </iframe>

    21 

    22 <script class="testbody" type="text/javascript">

    23 

    24 document.iframeWasLoaded = false;

    25 

    26 var alltests = [

    27 

    28 // load resource from a relative url - this should work

    29   { url:"bug466080.sjs",

    30     status_check:"==200",

    31     error:"XHR from relative URL"},

    32 

    33 // TODO - load the resource from a relative url via https..?

    34 

    35 // load a non-existing resource - should get "404 Not Found"

    36   { url:"bug466080-does-not.exist",

    37     status_check:"==404",

    38     error:"XHR loading non-existing resource"},

    39 

    40 // load resource from cross-site non-secure server

    41   { url:"http://test1.example.com/tests/content/base/test/bug466080.sjs",

    42     status_check:"==200",

    43     error:"XHR from cross-site plaintext server"},

    44 

    45 // load resource from cross-site secure server - should work since no credentials are needed

    46   { url:"https://test1.example.com/tests/content/base/test/bug466080.sjs",

    47     status_check:"==200",

    48     error:"XHR from cross-site secure server"},

    49 

    50 // load resource from cross-site secure server - should work since the server just requests certs

    51   { url:"https://requestclientcert.example.com/tests/content/base/test/bug466080.sjs",

    52     status_check:"==200",

    53     error:"XHR from cross-site secure server requesting certificate"},

    54 

    55 // load resource from cross-site secure server - should NOT work since the server requires cert

    56 // note that this is the url which is used in the iframe.src above

    57   { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",

    58     status_check:"!=200",

    59     error:"XHR from cross-site secure server requiring certificate"},

    60 

    61 // repeat previous,  - should NOT work

    62   { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",

    63     status_check:"==200",

    64     error:"XHR w/ credentials from cross-site secure server requiring certificate",

    65     withCredentials:"true"},

    66     

    67 // repeat previous, but with credentials - should work

    68   { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",

    69     status_check:"==200",

    70     error:"XHR w/ credentials from cross-site secure server requiring certificate",

    71     withCredentials:"true"},

    72 

    73 // repeat previous, withCredentials but using a weird method to force preflight

    74 // should NOT work since our preflight is anonymous and will fail with our simple server

    75   { url:"https://requireclientcert.example.com/tests/content/base/test/bug466080.sjs",

    76     status_check:"!=200",

    77     error:"XHR PREFLIGHT from cross-site secure server requiring certificate",

    78     withCredentials:"true",

    79     method:"XMETHOD"},

    80     

    81 ];

    82 

    83 function onWindowLoad() {

    84     // First, check that resource was loaded into the iframe

    85     // This check in fact depends on bug #444165... :)

    86     ok(document.iframeWasLoaded, "Loading resource via src-attribute");

    87 

    88 

    89     function runTest(test) {

    90 

    91         var xhr =  new XMLHttpRequest();

    92 

    93         var method = "GET";

    94         if (test.method != null) { method = test.method; }

    95         xhr.open(method, test.url);

    96 

    97         xhr.withCredentials = test.withCredentials;

    98 

    99         SpecialPowers.wrap(xhr).setRequestHeader("Connection", "Keep-Alive", false);

   100 

   101         try {

   102             xhr.send();

   103         } catch(e) {

   104         }

   105 

   106         xhr.onloadend = function() {

   107             var success = eval(xhr.status + test.status_check);

   108             ok(success, test.error);

   109 

   110             if (alltests.length == 0) {

   111                 SimpleTest.finish();

   112             } else {

   113                 runTest(alltests.shift());

   114             }

   115         };

   116     }

   117 

   118     runTest(alltests.shift());

   119 }

   120 

   121 SimpleTest.waitForExplicitFinish();

   122 

   123 </script>

   124 </body>

   125 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial