Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(20)

Side by Side Diff: third_party/WebKit/LayoutTests/fast/xmlhttprequest/xmlhttprequest-open-exceptions.html

Issue 2456013002: CSP: 'connect-src' should not cause exceptions. (Closed)
Patch Set: Ugh. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <meta http-equiv="Content-Security-Policy" content="connect-src http://examp le.com"> 4 <meta http-equiv="Content-Security-Policy" content="connect-src http://examp le.com">
5 </head> 5 </head>
6 <body> 6 <body>
7 <script src="../../resources/js-test.js"></script> 7 <script src="../../resources/js-test.js"></script>
8 <script> 8 <script>
9 description("This tests that exceptions thrown by XHR.open() have reason able messages."); 9 description("This tests that exceptions thrown by XHR.open() have reason able messages.");
10 10
11 var xhrException; 11 var xhrException;
12 try { 12 try {
13 var xhr = new XMLHttpRequest(); 13 var xhr = new XMLHttpRequest();
14 xhr.open("TRACE", "http://example.com/"); 14 xhr.open("TRACE", "http://example.com/");
15 testFailed("xhr.open should throw an exception with a forbidden meth od type."); 15 testFailed("xhr.open should throw an exception with a forbidden meth od type.");
16 } catch (e) { 16 } catch (e) {
17 xhrException = e; 17 xhrException = e;
18 shouldBeEqualToString("xhrException.message", "Failed to execute 'op en' on 'XMLHttpRequest': 'TRACE' HTTP method is unsupported."); 18 shouldBeEqualToString("xhrException.message", "Failed to execute 'op en' on 'XMLHttpRequest': 'TRACE' HTTP method is unsupported.");
19 } 19 }
20 20
21 try {
22 var xhr = new XMLHttpRequest();
23 xhr.open("GET", "http://not.example.com/");
24 testFailed("xhr.open to a URL blocked by CSP should throw an excepti on.");
25 } catch (e) {
26 xhrException = e;
27 shouldBeEqualToString("xhrException.message", "Failed to execute 'op en' on 'XMLHttpRequest': Refused to connect to 'http://not.example.com/' because it violates the document's Content Security Policy.");
28 }
29
30 var badString = { toString: function() { throw "Exception in toString()" ; } }; 21 var badString = { toString: function() { throw "Exception in toString()" ; } };
31 var xhr = new XMLHttpRequest(); 22 var xhr = new XMLHttpRequest();
32 shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT"); 23 shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT");
33 shouldThrow("xhr.open('GET', 'resources/xmlhttprequest-get-data.xml', tr ue, badString, 'password');", "'Exception in toString()'"); 24 shouldThrow("xhr.open('GET', 'resources/xmlhttprequest-get-data.xml', tr ue, badString, 'password');", "'Exception in toString()'");
34 shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT"); 25 shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT");
35 shouldThrow("xhr.open('GET', 'resources/xmlhttprequest-get-data.xml', tr ue, 'username', badString);", "'Exception in toString()'"); 26 shouldThrow("xhr.open('GET', 'resources/xmlhttprequest-get-data.xml', tr ue, 'username', badString);", "'Exception in toString()'");
36 shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT"); 27 shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT");
37 </script> 28 </script>
38 </body> 29 </body>
39 </html> 30 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698