| OLD | NEW |
|---|
| 1 <html> | 1 <html> |
| 2 <body> | 2 <body> |
| 3 <p>Test that setRequestHeader cannot be used to alter security-sensitive headers | 3 <p>Test that setRequestHeader cannot be used to alter security-sensitive headers |
| 4 for file:// urls.</p> | 4 for file:// urls.</p> |
| 5 <pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre> | 5 <pre id=result>FAIL: script didn't run or raised an unexpected exception.</pre> |
| 6 <script> | 6 <script> |
| 7 if (window.testRunner) | 7 if (window.testRunner) |
| 8 testRunner.dumpAsText(); | 8 testRunner.dumpAsText(); |
| 9 | 9 |
| 10 if (window.location.href.indexOf("file://") != 0) { | 10 if (window.location.href.indexOf("file://") != 0) { |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 req.setRequestHeader("DNT", "foobar"); | 31 req.setRequestHeader("DNT", "foobar"); |
| 32 req.setRequestHeader("EXPECT", "100-continue"); | 32 req.setRequestHeader("EXPECT", "100-continue"); |
| 33 req.setRequestHeader("HOST", "foobar"); | 33 req.setRequestHeader("HOST", "foobar"); |
| 34 req.setRequestHeader("KEEP-ALIVE", "foobar"); | 34 req.setRequestHeader("KEEP-ALIVE", "foobar"); |
| 35 req.setRequestHeader("ORIGIN", "foobar"); | 35 req.setRequestHeader("ORIGIN", "foobar"); |
| 36 req.setRequestHeader("REFERER", "foobar"); | 36 req.setRequestHeader("REFERER", "foobar"); |
| 37 req.setRequestHeader("TE", "foobar"); | 37 req.setRequestHeader("TE", "foobar"); |
| 38 req.setRequestHeader("TRAILER", "foobar"); | 38 req.setRequestHeader("TRAILER", "foobar"); |
| 39 req.setRequestHeader("TRANSFER-ENCODING", "foobar"); | 39 req.setRequestHeader("TRANSFER-ENCODING", "foobar"); |
| 40 req.setRequestHeader("UPGRADE", "foobar"); | 40 req.setRequestHeader("UPGRADE", "foobar"); |
| 41 req.setRequestHeader("USER-AGENT", "foobar"); | |
| 42 req.setRequestHeader("VIA", "foobar"); | 41 req.setRequestHeader("VIA", "foobar"); |
| 43 | 42 |
| 44 req.setRequestHeader("Proxy-", "foobar"); | 43 req.setRequestHeader("Proxy-", "foobar"); |
| 45 req.setRequestHeader("Proxy-test", "foobar"); | 44 req.setRequestHeader("Proxy-test", "foobar"); |
| 46 req.setRequestHeader("PROXY-FOO", "foobar"); | 45 req.setRequestHeader("PROXY-FOO", "foobar"); |
| 47 | 46 |
| 48 req.setRequestHeader("Sec-", "foobar"); | 47 req.setRequestHeader("Sec-", "foobar"); |
| 49 req.setRequestHeader("Sec-test", "foobar"); | 48 req.setRequestHeader("Sec-test", "foobar"); |
| 50 req.setRequestHeader("SEC-FOO", "foobar"); | 49 req.setRequestHeader("SEC-FOO", "foobar"); |
| 51 | 50 |
| 52 try { | 51 try { |
| 53 req.send(""); | 52 req.send(""); |
| 54 if (req.responseText.match("100-continue|foobar|123456")) | 53 if (req.responseText.match("100-continue|foobar|123456")) |
| 55 document.getElementById("result").textContent = | 54 document.getElementById("result").textContent = |
| 56 req.responseText; | 55 req.responseText; |
| 57 else | 56 else |
| 58 document.getElementById("result").textContent = "SUCCESS"; | 57 document.getElementById("result").textContent = "SUCCESS"; |
| 59 } catch (ex) { | 58 } catch (ex) { |
| 60 document.getElementById("result").textContent = ex; | 59 document.getElementById("result").textContent = ex; |
| 61 } | 60 } |
| 62 } | 61 } |
| 63 </script> | 62 </script> |
| 64 </body> | 63 </body> |
| 65 </html> | 64 </html> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2254693002:
Delay generation of User-Agent header to URLRequestHttpJob and accept custom User-Agent from XHR/Fe…
Base URL: https://chromium.googlesource.com/chromium/src.git@master