content/canvas/test/crossorigin/test_canvas2d_crossorigin.html@6474c204b198
content/canvas/test/crossorigin/test_canvas2d_crossorigin.html
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 <!DOCTYPE HTML>
2 <html>
3 <!--
4 https://bugzilla.mozilla.org/show_bug.cgi?id=685518
5 -->
6 <head>
7 <title>Test for Bug 685518</title>
8 <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
9 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
10 </head>
11 <body>
12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=685518">Mozilla Bug 685518</a>
13 <p id="display"></p>
14 <div id="content" style="display: none">
16 </div>
17 <pre id="test">
18 <script type="application/javascript">
20 /** Test for Bug 685518 **/
22 SimpleTest.waitForExplicitFinish();
24 const BAD_URI_ERR = "NS_ERROR_DOM_BAD_URI_ERR";
25 const OK = "";
27 function verifyError(actual_error, expected_error, message) {
28 ok(actual_error == expected_error,
29 message + ": expected " + expected_error + ", got " + actual_error);
30 }
32 var number_of_tests_live = 0;
34 function testDone() {
35 number_of_tests_live--;
37 if (number_of_tests_live == 0)
38 SimpleTest.finish();
39 }
41 function testImage(url, crossOriginAttribute, expected_error) {
42 ++number_of_tests_live;
43 var image;
44 if (crossOriginAttribute == "just-crossOrigin-without-value") {
45 var div = document.createElement('div');
46 div.innerHTML="<img crossOrigin>";
47 image = div.children[0];
48 }
49 else {
50 image = new Image();
51 if (crossOriginAttribute != "missing-value-default") {
52 image.crossOrigin = crossOriginAttribute;
53 }
54 }
56 image.onload = function() {
57 var c = document.createElement("canvas");
58 c.width = this.width;
59 c.height = this.height;
60 var ctx = c.getContext("2d");
61 ctx.drawImage(this, 0, 0);
63 var data;
64 var actual_error;
65 try {
66 data = ctx.getImageData(0, 0, 1, 1);
67 actual_error = OK;
68 } catch (e) {
69 actual_error = e.name;
70 }
72 verifyError(actual_error, expected_error,
73 "drawImage then get image data on " + url +
74 " with crossOrigin=" + this.crossOrigin);
76 // Now test patterns
77 c = document.createElement("canvas");
78 c.width = this.width;
79 c.height = this.height;
80 ctx = c.getContext("2d");
81 ctx.fillStyle = ctx.createPattern(this, "");
82 ctx.fillRect(0, 0, c.width, c.height);
83 try {
84 data = ctx.getImageData(0, 0, 1, 1);
85 actual_error = OK;
86 } catch (e) {
87 actual_error = e.name;
88 }
90 verifyError(actual_error, expected_error,
91 "createPattern+fill then get image data on " + url +
92 " with crossOrigin=" + this.crossOrigin);
94 testDone();
95 };
97 image.onerror = function(event) {
98 verifyError(BAD_URI_ERR, expected_error,
99 "image error handler for " + url +
100 " with crossOrigin=" + this.crossOrigin);
102 testDone();
103 }
105 image.src = url;
106 }
108 // Now kick off the tests.
109 const testPath = "/tests/content/canvas/test/crossorigin/"
111 // First column is image file, second column is what CORS headers the server sends
112 const imageFiles = [
113 [ "image.png", "none" ],
114 [ "image-allow-star.png", "allow-all-anon" ],
115 [ "image-allow-credentials.png", "allow-single-server-creds" ]
116 ];
118 const hostnames = [
119 [ "mochi.test:8888", "same-origin" ],
120 [ "example.com", "cross-origin" ]
121 ];
123 // First column is the value; second column is the expected resulting CORS mode
124 const attrValues = [
125 [ "missing-value-default", "none" ],
126 [ "", "anonymous" ],
127 [ "just-crossOrigin-without-value", "anonymous" ],
128 [ "anonymous", "anonymous" ],
129 [ "use-credentials", "use-credentials" ],
130 [ "foobar", "anonymous" ]
131 ];
133 for (var imgIdx = 0; imgIdx < imageFiles.length; ++imgIdx) {
134 for (var hostnameIdx = 0; hostnameIdx < hostnames.length; ++hostnameIdx) {
135 var hostnameData = hostnames[hostnameIdx];
136 var url = "http://" + hostnameData[0] + testPath + imageFiles[imgIdx][0];
137 for (var attrValIdx = 0; attrValIdx < attrValues.length; ++attrValIdx) {
138 var attrValData = attrValues[attrValIdx];
139 // Now compute the expected result
140 var expected_error;
141 if (hostnameData[1] == "same-origin") {
142 // Same-origin; these should all Just Work
143 expected_error = OK;
144 } else {
145 // Cross-origin
146 is(hostnameData[1], "cross-origin",
147 "what sort of host is " + hostnameData[0]);
148 var CORSMode = attrValData[1];
149 if (CORSMode == "none") {
150 // Doesn't matter what headers the server sends; we're not
151 // using CORS on our end.
152 expected_error = "SecurityError";
153 } else {
154 // Check whether the server will let us talk to them
155 var CORSHeaders = imageFiles[imgIdx][1];
156 // We're going to look for CORS headers from the server
157 if (CORSHeaders == "none") {
158 // No CORS headers from server; load will fail.
159 expected_error = BAD_URI_ERR;
160 } else if (CORSHeaders == "allow-all-anon") {
161 // Server only allows anonymous requests
162 if (CORSMode == "anonymous") {
163 expected_error = OK;
164 } else {
165 is(CORSMode, "use-credentials",
166 "What other CORS modes are there?");
167 // A load with credentials against a server that only
168 // allows anonymous loads will fail.
169 expected_error = BAD_URI_ERR;
170 }
171 } else {
172 is(CORSHeaders, "allow-single-server-creds",
173 "What other CORS headers could there be?");
174 // Our server should allow both anonymous and non-anonymous requests
175 expected_error = OK;
176 }
177 }
178 }
179 testImage(url, attrValData[0], expected_error);
180 }
181 }
182 }
183 </script>
184 </pre>
185 </body>
186 </html>
