| Index: LayoutTests/http/tests/htmlimports/redirect-cross-origin.html
|
| diff --git a/LayoutTests/http/tests/htmlimports/redirect-cross-origin.html b/LayoutTests/http/tests/htmlimports/redirect-cross-origin.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..dbab0074dee19eb986e4ee293487a4637a924771
|
| --- /dev/null
|
| +++ b/LayoutTests/http/tests/htmlimports/redirect-cross-origin.html
|
| @@ -0,0 +1,40 @@
|
| +<!DOCTYPE html>
|
| +<html>
|
| +<head>
|
| +<script src="../../../resources/testharness.js"></script>
|
| +<script src="../../../resources/testharnessreport.js"></script>
|
| +<link rel="help" "https://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/imports/index.html#imported-document" />
|
| +
|
| +<link id="xs-same" rel="import" href="http://localhost:8000/security/resources/redir.php?url=http://127.0.0.1:8000/htmlimports/resources/hello.html">
|
| +<link id="xs-cors" rel="import" href="http://localhost:8000/security/resources/redir.php?url=http://127.0.0.1:8000/htmlimports/resources/cors-basic.cgi">
|
| +
|
| +<link id="same-xs-same" rel="import" href="/security/resources/redir.php?url=http%3A%2F%2Flocalhost%3A8000%2Fsecurity%2Fresources%2Fredir.php%3Furl%3Dhttp%3A%2F%2F127.0.0.1%3A8000%2Fhtmlimports%2Fresources%2Fhello.html">
|
| +<link id="same-xs-cors" rel="import" href="/security/resources/redir.php?url=http%3A%2F%2Flocalhost%3A8000%2Fsecurity%2Fresources%2Fredir.php%3Furl%3Dhttp%3A%2F%2F127.0.0.1%3A8000%2Fhtmlimports%2Fresources%2Fcors-basic.cgi">
|
| +
|
| +<link id="cors-xs-same" rel="import" href="http://localhost:8000//security/resources/cors-redir.php?url=http%3A%2F%2Flocalhost%3A8000%2Fsecurity%2Fresources%2Fredir.php%3Furl%3Dhttp%3A%2F%2F127.0.0.1%3A8000%2Fhtmlimports%2Fresources%2Fhello.html">
|
| +</head>
|
| +<body>
|
| +<script>
|
| +function assert_loaded(id)
|
| +{
|
| + var target = document.getElementById(id);
|
| + assert_true(target.import instanceof Document)
|
| + assert_true(0 <= target.import.querySelector("h1").innerHTML.indexOf("Hello"));
|
| +}
|
| +
|
| +function assert_not_loaded(id)
|
| +{
|
| + var target = document.getElementById(id);
|
| + assert_equals(target.import, null);
|
| +}
|
| +
|
| +test(function() { assert_not_loaded("xs-same"); }, "Blocking access to a same origin import including cross domain redirect");
|
| +test(function() { assert_not_loaded("xs-cors"); }, "Blocking access to a CORS origin import including cross domain redirect");
|
| +
|
| +test(function() { assert_not_loaded("same-xs-same"); }, "Blocking access to a same origin import including intermediate cross domain redirect");
|
| +test(function() { assert_not_loaded("same-xs-cors"); }, "Blocking access to a CORS origin import including intermediate cross domain redirect");
|
| +
|
| +test(function() { assert_not_loaded("cors-xs-same"); }, "Blocking access to a CORS requested but eventually same origin import including intermediate cross domain redirect");
|
| +</script>
|
| +</body>
|
| +</html>
|
|
|
Chromium Code Reviews
Issue 149643003:
Improve handling of CORS redirects for some resource loads. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master