content/base/test/test_xhr_forbidden_headers.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 <!DOCTYPE HTML>
     2 <html>
     3 <!--
     4 https://bugzilla.mozilla.org/show_bug.cgi?id=308484
     5 -->
     6 <head>
     7   <title>Test for Bug 308484</title>
     8   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
     9   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
    10 </head>
    11 <body>
    12 <a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=308484">Mozilla Bug 308484</a>
    13 <p id="display"></p>
    14 <div id="content" style="display: none">
    16 </div>
    17 <pre id="test">
    18 <script class="testbody" type="text/javascript">
    20 /** Test for Bug 308484 **/
// Request-header names that this test tries to set through XMLHttpRequest.
// startTest() asserts that an unprivileged request ends up with none of the
// attempted values and that a privileged (system) request keeps all of them.
// The spellings are deliberately mixed-case; presumably this checks that the
// forbidden-header match is case-insensitive (confirm against the
// implementation under test).
var headers = [
  "aCCept-chaRset",
  "acCePt-eNcoDing",
  "aCcEsS-cOnTrOl-ReQuEsT-mEtHoD",
  "aCcEsS-cOnTrOl-ReQuEsT-hEaDeRs",
  "coNnEctIon",
  "coNtEnt-LEngth",
  "CoOKIe",
  "cOOkiE2",
  "cOntEnt-tRAnsFer-enCoDiNg",
  "DATE",
  "dNT",
  "exPeCt",
  "hOSt",
  "keep-alive",
  "oRiGiN",
  "reFERer",
  "te",
  "trAiLer",
  "trANsfEr-eNcoDiNg",
  "uPGraDe",
  "user-AGENT",
  "viA",
  // Bare "Proxy-" / "Sec-" prefixes first, then full names that start with them.
  "pRoxy-",
  "sEc-",
  "proxy-fOobar",
  "sec-bAZbOx"
];

// Shared loop index and the XMLHttpRequest under test; both are assigned
// inside startTest().
var i;
var request;
/**
 * Checks both sides of the forbidden-request-header policy for XMLHttpRequest.
 *
 * Phase 1 sets every name in `headers` on a plain XMLHttpRequest and asserts
 * that the channel does not carry the attempted value for any of them.
 * Phase 2 repeats the attempt on a request created with mozAnon/mozSystem and
 * asserts that every attempted value is present on the channel.
 *
 * Writes the shared globals `i` and `request`, and ends the test run by
 * calling SimpleTest.finish().
 */
function startTest() {
  // Resolve the nsIHttpChannel behind a request so that the headers actually
  // attached to it can be inspected.
  function httpChannelOf(xhr) {
    return SpecialPowers.wrap(xhr).channel.QueryInterface(SpecialPowers.Ci.nsIHttpChannel);
  }

  // Phase 1: try setting headers in unprivileged context
  request = new XMLHttpRequest();
  request.open("GET", window.location.href);
  for (i = 0; i < headers.length; i++) {
    request.setRequestHeader(headers[i], "test" + i);
  }

  // Read the headers back from the channel
  var contentChannel = httpChannelOf(request);
  for (i = 0; i < headers.length; i++) {
    var observed = null;
    try {
      observed = contentChannel.getRequestHeader(headers[i]);
    } catch (e) {
      // Retrieving Content-Length will throw an exception.
      // NOTE(review): every exception is swallowed here, so a lookup that
      // fails for an unrelated reason leaves `observed` null and the
      // assertion below still passes. Checking the error that is thrown
      // would make this half of the test stricter.
    }

    isnot(observed, "test" + i, "Setting " + headers[i] + " header in unprivileged context");
  }

  // Phase 2: try setting headers in privileged context (anonymous system XHR)
  request = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  request.open("GET", window.location.href);
  for (i = 0; i < headers.length; i++) {
    request.setRequestHeader(headers[i], "test" + i);
  }

  // Read the headers back from the channel. There is no try/catch on this
  // side, so a header that is missing from the channel fails the test by
  // throwing instead of being skipped.
  var systemChannel = httpChannelOf(request);
  for (i = 0; i < headers.length; i++) {
    var accepted = systemChannel.getRequestHeader(headers[i]);
    is(accepted, "test" + i, "Setting " + headers[i] + " header in privileged context");
  }

  SimpleTest.finish();
}
// The run is finished explicitly: startTest() calls SimpleTest.finish() itself.
SimpleTest.waitForExplicitFinish();

addLoadEvent(function() {
  // Request the systemXHR permission for this document before testing.
  // startTest is passed as the second argument, presumably so that it runs
  // only once the permission is in place (confirm against SpecialPowers).
  var systemXhrGrant = {'type': 'systemXHR', 'allow': true, 'context': document};
  SpecialPowers.pushPermissions([systemXhrGrant], startTest);
});
    93 </script>
    94 </pre>
    95 </body>
    96 </html>
