Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(227)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/cachestorage/resources/credentials-iframe.html

Issue 2651943002: Block subresource requests whose URLs include credentials. (Closed)
Patch Set: Test. Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <meta charset=utf-8> 2 <meta charset=utf-8>
3 <title>Controlled frame for Cache API test with credentials</title> 3 <title>Controlled frame for Cache API test with credentials</title>
4 <script> 4 <script>
5 5
6 function xhr(url, username, password) { 6 function xhr(url, username, password) {
7 return new Promise(function(resolve, reject) { 7 return new Promise(function(resolve, reject) {
8 var xhr = new XMLHttpRequest(), async = true; 8 var xhr = new XMLHttpRequest(), async = true;
9 xhr.open('GET', url, async, username, password); 9 xhr.open('GET', url, async, username, password);
10 xhr.send(); 10 xhr.send();
11 xhr.onreadystatechange = function() { 11 xhr.onreadystatechange = function() {
12 if (xhr.readyState !== XMLHttpRequest.DONE) 12 if (xhr.readyState !== XMLHttpRequest.DONE)
13 return; 13 return;
14 if (xhr.status === 200) { 14 if (xhr.status === 200) {
15 resolve(xhr.responseText); 15 resolve(xhr.responseText);
16 } else { 16 } else {
17 reject(new Error(xhr.statusText)); 17 reject(new Error(xhr.statusText));
18 } 18 }
19 }; 19 };
20 }); 20 });
21 } 21 }
22 22
23 window.onmessage = function(e) { 23 window.onmessage = function(e) {
24 Promise.all(e.data.map(function(item) { 24 Promise.all(e.data.map(function(item) {
25 return xhr(item.name, item.username, item.password); 25 return xhr(item.name, item.username, item.password).catch(_ => {});
26 })) 26 }))
27 .then(function() { 27 .then(function() {
28 navigator.serviceWorker.controller.postMessage('keys'); 28 navigator.serviceWorker.controller.postMessage('keys');
29 navigator.serviceWorker.onmessage = function(e) { 29 navigator.serviceWorker.onmessage = function(e) {
30 window.parent.postMessage(e.data, '*'); 30 window.parent.postMessage(e.data, '*');
31 }; 31 };
32 }); 32 });
33 }; 33 };
34 34
35 </script> 35 </script>
36 <body> 36 <body>
37 Hello? Yes, this is iframe. 37 Hello? Yes, this is iframe.
38 </body> 38 </body>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698