Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(373)

Unified Diff: LayoutTests/http/tests/xmlhttprequest/resources/origin-exact-matching-iframe.html

Issue 109773002: Improve precision of error messages from failed CORS checks. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 7 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: LayoutTests/http/tests/xmlhttprequest/resources/origin-exact-matching-iframe.html
diff --git a/LayoutTests/http/tests/xmlhttprequest/resources/origin-exact-matching-iframe.html b/LayoutTests/http/tests/xmlhttprequest/resources/origin-exact-matching-iframe.html
index 70b6826d79dc864514fa5995808ff566b7c074cf..27bc96203609195291f5041c4cabb27a034a8ede 100644
--- a/LayoutTests/http/tests/xmlhttprequest/resources/origin-exact-matching-iframe.html
+++ b/LayoutTests/http/tests/xmlhttprequest/resources/origin-exact-matching-iframe.html
@@ -6,29 +6,40 @@
<body>
<script type="text/javascript">
description("Check that exact matching is used when comparing a request's originating url and the value provided by Access-Control-Allow-Origin.");
-var urlTemplate = "http://127.0.0.1:8000/xmlhttprequest/resources/access-control-allow-lists.php?origin=";
+
+var baseUrl = "http://127.0.0.1:8000/xmlhttprequest/resources/access-control-allow-lists.php";
+
+function generateURL(origin)
+{
+ if (Array.isArray(origin))
+ return baseUrl + "?origins=" + origin.map(encodeURIComponent).join(",");
+ else
+ return baseUrl + "?origin=" + encodeURIComponent(origin);
+}
function shouldPass(origin) {
debug("Should allow origin: '" + origin + "'");
xhr = new XMLHttpRequest();
- xhr.open('GET', urlTemplate + encodeURIComponent(origin), false);
+ xhr.open('GET', generateURL(origin), false);
shouldBeUndefined("xhr.send(null)");
}
function shouldFail(origin) {
debug("Should disallow origin: '" + origin + "'");
xhr = new XMLHttpRequest();
- xhr.open('GET', urlTemplate + encodeURIComponent(origin), false);
+ xhr.open('GET', generateURL(origin), false);
shouldThrow("xhr.send(null)");
}
-shouldPass('*');
-shouldPass(' * ');
-shouldPass(' *');
-shouldPass(location.protocol + "//" + location.host);
-shouldPass(" "+location.protocol + "//" + location.host);
-shouldPass(" "+location.protocol + "//" + location.host + " ");
-shouldPass(" "+location.protocol + "//" + location.host);
+var thisOrigin = location.protocol + "//" + location.host;
+
+shouldPass("*");
+shouldPass(" * ");
+shouldPass(" *");
+shouldPass(thisOrigin);
+shouldPass(" " + thisOrigin);
+shouldPass(" " + thisOrigin + " ");
+shouldPass(" " + thisOrigin);
shouldFail(location.protocol + "//www2." + location.host);
shouldFail("//" + location.host);
shouldFail("://" + location.host);
@@ -37,15 +48,15 @@ shouldFail("http:://" + location.host);
shouldFail("http:/" + location.host);
shouldFail("http:" + location.host);
shouldFail(location.host);
-shouldFail(location.protocol + "//" + location.host + "?");
-shouldFail(location.protocol + "//" + location.host + "/");
-shouldFail(location.protocol + "//" + location.host + " /");
-shouldFail(location.protocol + "//" + location.host + "#");
-shouldFail(location.protocol + "//" + location.host + "%23");
-shouldFail(location.protocol + "//" + location.host + ":80");
-shouldFail(location.protocol + "//" + location.host + ", *");
-//shouldFail(location.protocol + "//" + location.host + "\0"); // Doesn't fail on Linux. See http://wkbug.com/88688 and http://wkbug.com/88139
-shouldFail((location.protocol + "//" + location.host).toUpperCase());
+shouldFail(thisOrigin + "?");
+shouldFail(thisOrigin + "/");
+shouldFail(thisOrigin + " /");
+shouldFail(thisOrigin + "#");
+shouldFail(thisOrigin + "%23");
+shouldFail(thisOrigin + ":80");
+shouldFail(thisOrigin + ", *");
+//shouldFail(thisOrigin + "\0"); // Doesn't fail on Linux. See http://wkbug.com/88688 and http://wkbug.com/88139
+shouldFail(thisOrigin.toUpperCase());
shouldFail(location.protocol.toUpperCase() + "//" + location.host);
shouldFail("-");
shouldFail("**");
@@ -55,16 +66,20 @@ shouldFail("'*'");
shouldFail('"*"');
shouldFail("* *");
shouldFail("*" + location.protocol + "//" + "*");
-shouldFail("*" + location.protocol + "//" + location.host);
-shouldFail("* " + location.protocol + "//" + location.host);
-shouldFail("*, " + location.protocol + "//" + location.host);
-shouldFail("\0" + location.protocol + "//" + location.host);
-shouldFail("null " + location.protocol + "//" + location.host);
-shouldFail('http://example.net');
-shouldFail('null');
-shouldFail('');
+shouldFail("*" + thisOrigin);
+shouldFail("* " + thisOrigin);
+shouldFail("*, " + thisOrigin);
+shouldFail("\0" + thisOrigin);
+shouldFail("null " + thisOrigin);
+shouldFail("http://example.net");
+shouldFail("http://example.net " + thisOrigin);
+shouldFail("http://example.net, " + thisOrigin);
+shouldFail(["http://example.net", thisOrigin]);
+shouldFail([thisOrigin, thisOrigin]);
+shouldFail("null");
+shouldFail("");
shouldFail(location.href);
-shouldFail(location.href.replace(/\/[^\/]*$/, '/'));
+shouldFail(location.href.replace(/\/[^\/]*$/, "/"));
shouldFail(location.href.replace(location.hostname, "localhost"));
</script>

Powered by Google App Engine
This is Rietveld 408576698