Index: third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html b/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html |
index 6427b15c77369f0a348d0aa12f4caa1f678a9302..ee28c00f425ae31ecf750306bffcc3b87fcf2283 100644 |
--- a/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html |
+++ b/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/set-dangerous-headers.html |
@@ -5,7 +5,7 @@ |
<script> |
if (window.testRunner) |
testRunner.dumpAsText(); |
- |
+ |
req = new XMLHttpRequest; |
req.open("GET", "resources/print-headers.cgi", false); |
@@ -13,11 +13,6 @@ |
req.setRequestHeader("ACCEPT-ENCODING", "foobar"); |
req.setRequestHeader("ACCESS-CONTROL-REQUEST-HEADERS", "foobar"); |
req.setRequestHeader("ACCESS-CONTROL-REQUEST-METHOD", "foobar"); |
- // AUTHORIZATION is no longer forbidden. See |
- // https://bugs.webkit.org/show_bug.cgi?id=24957 for more details. Set to |
- // a value other than the foobar since some http servers (lighttp) do not |
- // strip this out (Apache does). |
- req.setRequestHeader("AUTHORIZATION", "baz"); |
req.setRequestHeader("CONNECTION", "foobar"); |
req.setRequestHeader("CONTENT-LENGTH", "123456"); |
req.setRequestHeader("COOKIE", "foobar"); |
@@ -33,7 +28,6 @@ |
req.setRequestHeader("TRAILER", "foobar"); |
req.setRequestHeader("TRANSFER-ENCODING", "foobar"); |
req.setRequestHeader("UPGRADE", "foobar"); |
- req.setRequestHeader("USER-AGENT", "foobar"); |
req.setRequestHeader("VIA", "foobar"); |
req.setRequestHeader("Proxy-", "foobar"); |
@@ -45,7 +39,7 @@ |
req.setRequestHeader("SEC-FOO", "foobar"); |
try { |
- req.send(""); |
+ req.send(); |
if (req.responseText.match("100-continue|foobar|123456")) |
document.getElementById("result").textContent = req.responseText; |
else |