Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1075)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/text-track-crossorigin.html

Issue 2400433002: Check CORS policy on redirect in TextTrackLoader (Closed)
Patch Set: Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/text-track-crossorigin-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script src="resources/cross-frame-access.js"></script> 4 <script src="resources/cross-frame-access.js"></script>
5 <script> 5 <script>
6 6
7 var shouldLoad = false; 7 var shouldLoad = false;
8 var counter = 0; 8 var counter = 0;
9 9
10 if (window.testRunner) { 10 if (window.testRunner) {
(...skipping 20 matching lines...) Expand all
31 switch(counter) { 31 switch(counter) {
32 case 2: 32 case 2:
33 log('Loading <b>with</b> Access-Control-Allow-Origin and Acc ess-Control-Allow-Credentials headers, setting video.crossorigin to "use-credent ials"'); 33 log('Loading <b>with</b> Access-Control-Allow-Origin and Acc ess-Control-Allow-Credentials headers, setting video.crossorigin to "use-credent ials"');
34 url = "http://localhost:8000/security/resources/captions-wit h-access-control-headers.php?origin=1;credentials=1"; 34 url = "http://localhost:8000/security/resources/captions-wit h-access-control-headers.php?origin=1;credentials=1";
35 trackElement.setAttribute('crossorigin', 'use-credentials'); 35 trackElement.setAttribute('crossorigin', 'use-credentials');
36 trackElement.setAttribute('src', url); 36 trackElement.setAttribute('src', url);
37 ++counter; 37 ++counter;
38 break; 38 break;
39 39
40 case 3: 40 case 3:
41 log('Loading <b>without</b> Access-Control-Allow-Origin head er, with a redirect, no "crossorigin" attribute on &lt;video&gt;');
42 url = "http://127.0.0.1:8000/security/resources/redir.php?ur l=http://localhost:8000/security/resources/captions-with-access-control-headers. php"
43 videoElement.removeAttribute('crossorigin');
44 trackElement.removeAttribute('crossorigin');
45 trackElement.setAttribute('src', url);
46 shouldLoad = false;
47 ++counter;
48 break;
49
50 case 4:
41 log("END OF TEST"); 51 log("END OF TEST");
42 if (window.testRunner) 52 if (window.testRunner)
43 testRunner.notifyDone(); 53 testRunner.notifyDone();
54 break;
44 } 55 }
45 } 56 }
46 57
47 function trackError() 58 function trackError()
48 { 59 {
49 log('EVENT(error)'); 60 log('EVENT(error)');
50 shouldBe('shouldLoad', false); 61 shouldBe('shouldLoad', false);
51 62
52 trackElement = document.querySelectorAll('track')[0]; 63 trackElement = document.querySelectorAll('track')[0];
53 videoElement = document.querySelectorAll('video')[0]; 64 videoElement = document.querySelectorAll('video')[0];
(...skipping 11 matching lines...) Expand all
65 ++counter; 76 ++counter;
66 break; 77 break;
67 78
68 case 1: 79 case 1:
69 log('Loading <b>with</b> Access-Control-Allow-Origin header, leaving video.crossorigin as "anonymous"'); 80 log('Loading <b>with</b> Access-Control-Allow-Origin header, leaving video.crossorigin as "anonymous"');
70 url = "http://localhost:8000/security/resources/captions-wit h-access-control-headers.php?origin=1"; 81 url = "http://localhost:8000/security/resources/captions-wit h-access-control-headers.php?origin=1";
71 trackElement.setAttribute('src', url); 82 trackElement.setAttribute('src', url);
72 shouldLoad = true; 83 shouldLoad = true;
73 ++counter; 84 ++counter;
74 break; 85 break;
86
87 case 4:
88 log("END OF TEST");
89 if (window.testRunner)
90 testRunner.notifyDone();
91 break;
75 } 92 }
76
77 } 93 }
78 94
79 function start() 95 function start()
80 { 96 {
81 trackElement = document.querySelectorAll('track')[0]; 97 trackElement = document.querySelectorAll('track')[0];
82 trackElement.track.mode = "hidden"; 98 trackElement.track.mode = "hidden";
83 log('Loading <b>without</b> Access-Control-Allow-Origin header, no "crossorigin" attribute on &lt;video&gt;'); 99 log('Loading <b>without</b> Access-Control-Allow-Origin header, no "crossorigin" attribute on &lt;video&gt;');
84 var url = "http://localhost:8000/security/resources/captions-wit h-access-control-headers.php" 100 var url = "http://localhost:8000/security/resources/captions-wit h-access-control-headers.php"
85 trackElement.setAttribute('src', url); 101 trackElement.setAttribute('src', url);
86 } 102 }
87 103
88 </script> 104 </script>
89 </head> 105 </head>
90 <body onload="start()"> 106 <body onload="start()">
91 <p>Tests loading cross-domain &lt;track&gt;.</p> 107 <p>Tests loading cross-domain &lt;track&gt;.</p>
92 <video > 108 <video >
93 <track kind="captions" onerror="trackError()" onload="trackLoaded()" > 109 <track kind="captions" onerror="trackError()" onload="trackLoaded()" >
94 </video> 110 </video>
95 <div id="console"></div> 111 <div id="console"></div>
96 </body> 112 </body>
97 </html> 113 </html>
OLDNEW
« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/text-track-crossorigin-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698