| Index: third_party/WebKit/LayoutTests/http/tests/fetch/script-tests/thorough/cors-preflight2.js
|
| diff --git a/third_party/WebKit/LayoutTests/http/tests/fetch/script-tests/thorough/cors-preflight2.js b/third_party/WebKit/LayoutTests/http/tests/fetch/script-tests/thorough/cors-preflight2.js
|
| index b09bd7f85dba72c41cb6f8fc46c8340c09e2cd9b..ec49232ebb71ec4684b9013081405598a45e2320 100644
|
| --- a/third_party/WebKit/LayoutTests/http/tests/fetch/script-tests/thorough/cors-preflight2.js
|
| +++ b/third_party/WebKit/LayoutTests/http/tests/fetch/script-tests/thorough/cors-preflight2.js
|
| @@ -18,149 +18,157 @@ var TEST_TARGETS = [];
|
| // https://fetch.spec.whatwg.org/#cors-preflight-fetch
|
| // Tests for Access-Control-Allow-Methods header.
|
| // Tests for Access-Control-Allow-Headers header.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method,
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method,
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method + '&ACAMethods=' + method,
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| + '&ACAMethods=' + method,
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method + '&ACAOrigin=*',
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| + '&ACAOrigin=*',
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&ACAMethods=' + method,
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&headers=CUSTOM&ACAMethods=' + method,
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&headers=CUSTOM&ACAMethods=' + method +
|
| '&ACAHeaders=x-serviceworker-test',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&headers=CUSTOM&ACAMethods=' + method +
|
| - '&ACAHeaders=x-serviceworker-test&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| + '&ACAHeaders=x-serviceworker-test' +
|
| + '&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| [fetchResolved, hasContentLength, hasServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&headers=CUSTOM&ACAMethods=PUT, XXX',
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| - '&ACAOrigin=*&headers=CUSTOM&ACAMethods=PUT, XXX&ACAHeaders=x-serviceworker-test',
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| + '&ACAOrigin=*&headers=CUSTOM&ACAMethods=PUT, XXX' +
|
| + '&ACAHeaders=x-serviceworker-test',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| - '&ACAOrigin=*&headers=CUSTOM&ACAMethods=PUT, XXX&ACAHeaders=x-serviceworker-test&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| + '&ACAOrigin=*&headers=CUSTOM&ACAMethods=PUT, XXX' +
|
| + '&ACAHeaders=x-serviceworker-test&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| [fetchResolved, hasContentLength, hasServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN,
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN + '&ACAMethods=' + method,
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN + '&headers=CUSTOM&ACAMethods=' + method,
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN + '&headers=CUSTOM&ACAMethods=' + method +
|
| '&ACAHeaders=x-serviceworker-test',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN + '&headers=CUSTOM&ACAMethods=' + method +
|
| - '&ACAHeaders=x-serviceworker-test&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| + '&ACAHeaders=x-serviceworker-test' +
|
| + '&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| [fetchResolved, hasContentLength, hasServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN + '&headers=CUSTOM&ACAMethods=PUT, XXX',
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN +
|
| '&headers=CUSTOM&ACAMethods=PUT, XXX&ACAHeaders=x-serviceworker-test',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=' + BASE_ORIGIN +
|
| - '&headers=CUSTOM&ACAMethods=PUT, XXX&ACAHeaders=x-serviceworker-test&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| + '&headers=CUSTOM&ACAMethods=PUT, XXX&ACAHeaders=x-serviceworker-test' +
|
| + '&ACEHeaders=Content-Length, X-ServiceWorker-ServerHeader',
|
| [fetchResolved, hasContentLength, hasServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
|
|
| // Test that Access-Control-Allow-Methods is checked in
|
| // CORS preflight fetch.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method + '&PreflightTest=200',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&ACAMethods=' + method + '&PreflightTest=200',
|
| [fetchRejected]],
|
|
|
| // Test that Access-Control-Allow-Headers is checked in
|
| // CORS preflight fetch.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&headers=CUSTOM&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| '&PACAHeaders=x-serviceworker-test&PreflightTest=200',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&headers=CUSTOM&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| '&ACAHeaders=x-serviceworker-test&PreflightTest=200',
|
| [fetchRejected]],
|
|
|
| // Test that CORS check is done in both preflight and main fetch.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAMethods=' + method + '&PreflightTest=200',
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&PACAOrigin=*&PACAMethods=' + method + '&PreflightTest=200',
|
| [fetchRejected]],
|
|
|
| // Test that Access-Control-Expose-Headers of CORS preflight is ignored.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| - '&PACEHeaders=Content-Length, X-ServiceWorker-ServerHeader&PreflightTest=200',
|
| + '&PACEHeaders=Content-Length, X-ServiceWorker-ServerHeader' +
|
| + '&PreflightTest=200',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod]],
|
|
|
| // Test that CORS preflight with Status 2XX succeeds.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method + '&PreflightTest=201',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod]],
|
|
|
| // Test that CORS preflight with Status other than 2XX fails.
|
| // https://crbug.com/452394
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method + '&PreflightTest=301',
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method + '&PreflightTest=401',
|
| [fetchRejected]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method + '&PreflightTest=500',
|
| [fetchRejected]],
|
|
|
| // Test CORS preflight with multiple request headers.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&headers=CUSTOM2&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| '&PACAHeaders=x-servicEworker-u, x-servicEworker-ua, x-servicewOrker-test, x-sErviceworker-s, x-sErviceworker-v&PreflightTest=200',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader2]],
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&headers=CUSTOM2&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| '&PACAHeaders=x-servicewOrker-test&PreflightTest=200',
|
| [fetchRejected]],
|
|
|
| // Test request headers sent in CORS preflight requests.
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&headers=CUSTOM&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| '&PACAHeaders=x-serviceworker-test&PACRMethod=' + method +
|
| '&PACRHeaders=x-serviceworker-test&PreflightTest=200',
|
| [fetchResolved, noContentLength, noServerHeader, hasBody, typeCors],
|
| [checkMethod, hasCustomHeader]],
|
| // Test Access-Control-Request-Headers is sorted https://crbug.com/452391
|
| - [OTHER_BASE_URL + 'mode=cors&method=' + method +
|
| + [OTHER_BASE_URL + 'mode=cors&credentials=same-origin&method=' + method +
|
| '&headers=CUSTOM2&ACAOrigin=*&PACAOrigin=*&PACAMethods=' + method +
|
| '&PACAHeaders=x-servicEworker-u, x-servicEworker-ua, x-servicewOrker-test, x-sErviceworker-s, x-sErviceworker-v&PACRMethod=' + method +
|
| '&PACRHeaders=x-serviceworker-s, x-serviceworker-test, x-serviceworker-u, x-serviceworker-ua, x-serviceworker-v&PreflightTest=200',
|
|
|
Chromium Code Reviews
Issue 1665533003:
Set the request mode and the credentials mode of FetchEvent in the service worker correctly. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master