| Index: LayoutTests/http/tests/htmlimports/redirect-cross-origin-cross-same.html
|
| diff --git a/LayoutTests/http/tests/htmlimports/redirect-cross-origin-cross-same.html b/LayoutTests/http/tests/htmlimports/redirect-cross-origin-cross-same.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..74fd15747723978951aa978adef0ec9f4b5202f3
|
| --- /dev/null
|
| +++ b/LayoutTests/http/tests/htmlimports/redirect-cross-origin-cross-same.html
|
| @@ -0,0 +1,29 @@
|
| +<!DOCTYPE html>
|
| +<html>
|
| +<head>
|
| +<script src="../../../resources/testharness.js"></script>
|
| +<script src="../../../resources/testharnessreport.js"></script>
|
| +<link rel="help" "https://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/imports/index.html#imported-document" />
|
| +
|
| +<link id="cors-same" rel="import" href="http://localhost:8000/security/resources/cors-redir.php?url=http://127.0.0.1:8000/htmlimports/resources/hello.html">
|
| +</head>
|
| +
|
| +<script>
|
| +function assert_loaded(id)
|
| +{
|
| + var target = document.getElementById(id);
|
| + assert_true(target.import instanceof Document)
|
| + assert_true(0 <= target.import.querySelector("h1").innerHTML.indexOf("Hello"));
|
| +}
|
| +
|
| +function assert_not_loaded(id)
|
| +{
|
| + var target = document.getElementById(id);
|
| + assert_equals(target.import, null);
|
| +}
|
| +
|
| +// Redirect passes CORS check, but the redirect is to another origin (hence a unique origin must be used.) This does not pass the final access control check.
|
| +test(function() { assert_not_loaded("cors-same"); }, "Accessing to a same origin import including CORS domain redirect");
|
| +</script>
|
| +</body>
|
| +</html>
|
|
|
Chromium Code Reviews
Issue 149643003:
Improve handling of CORS redirects for some resource loads. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master