OLD | NEW |
1 <?php | 1 <?php |
2 header("Suborigin: foobar"); | 2 header("Suborigin: foobar"); |
3 ?> | 3 ?> |
4 <!DOCTYPE html> | 4 <!DOCTYPE html> |
5 <head> | 5 <head> |
6 </head> | 6 </head> |
7 <body> | 7 <body> |
8 <script src="/js-test-resources/js-test.js"></script> | 8 <script src="/js-test-resources/js-test.js"></script> |
9 <script> | 9 <script> |
10 window.jsTestIsAsync = true; | 10 window.jsTestIsAsync = true; |
11 description("The Test passes if 'window.onerror' gets unsanitized inform
ation about an exception thrown in a script loaded with a 'crossorigin' attribut
e, and delivered with valid CORS headers."); | 11 description("The Test passes if 'window.onerror' gets unsanitized inform
ation about an exception thrown in a script loaded with a 'crossorigin' attribut
e, and delivered with valid CORS headers."); |
12 | 12 |
13 window.onerror = function(msg, url, line, column, error) { | 13 window.onerror = function(msg, url, line, column, error) { |
14 window.msg = msg; | 14 window.msg = msg; |
15 window.url = url; | 15 window.url = url; |
16 window.line = line; | 16 window.line = line; |
17 window.column = column; | 17 window.column = column; |
18 window.errorObject = error; | 18 window.errorObject = error; |
19 shouldBeTrue("/SomeError/.test(msg)"); | 19 shouldBeTrue("/SomeError/.test(msg)"); |
20 shouldBeEqualToString("url", "http://127.0.0.1:8000/security/resourc
es/cors-script.php?fail=true&cors=http://foobar_127.0.0.1:8000"); | 20 shouldBeEqualToString("url", "http://127.0.0.1:8000/security/resourc
es/cors-script.php?fail=true&cors=http-so://foobar.127.0.0.1:8000"); |
21 shouldBe("line", "1"); | 21 shouldBe("line", "1"); |
22 shouldBe("column", "1"); | 22 shouldBe("column", "1"); |
23 shouldNotBe("window.errorObject", "null"); | 23 shouldNotBe("window.errorObject", "null"); |
24 finishJSTest(); | 24 finishJSTest(); |
25 } | 25 } |
26 </script> | 26 </script> |
27 <script crossorigin src="/security/resources/cors-script.php?fail=true&cors=
http://foobar_127.0.0.1:8000"></script> | 27 <script crossorigin src="/security/resources/cors-script.php?fail=true&cors=
http-so://foobar.127.0.0.1:8000"></script> |
28 </body> | 28 </body> |
29 </html> | 29 </html> |
OLD | NEW |