third_party/WebKit/LayoutTests/http/tests/security/location-href-clears-username-password.html - Issue 2651943002: Block subresource requests whose URLs include credentials.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/location-href-clears-username-password.html

Issue 2651943002: Block subresource requests whose URLs include credentials. (Closed)

Patch Set: Test. Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 <!DOCTYPE HTML>	1 <!DOCTYPE HTML>

2 <html>	2 <html>

3 <head>	3 <head>

4 <script>	4 <script>

5 window.onload = function()	5 window.onload = function()

6 {	6 {

7 if (window.testRunner)	7 if (window.testRunner)

8 {	8 {

9 testRunner.dumpAsText();	9 testRunner.dumpAsText();

10 testRunner.waitUntilDone();	10 testRunner.waitUntilDone();

	11 testRunner.setCanOpenWindows(true);

11 }	12 }

12	13

13 var div = document.getElementById('div1');	14 window.addEventListener("message", e => {

14 var frame = document.createElement('iframe');	15 var href = e.data.location;

15 frame.setAttribute('src', 'http://_username:_password@'

16 + location.host + '/security/resources/blank.html');

17 document.body.appendChild(frame);

18

19 frame.onload = function() {

20 var href = frame.contentWindow.location.href;

21 if (href.indexOf('_username') === -1 &&	16 if (href.indexOf('_username') === -1 &&

22 href.indexOf('_password') === -1) {	17 href.indexOf('_password') === -1) {

23 alert('PASS');	18 alert('PASS');

24 }	19 }

25 if (window.testRunner)	20 if (window.testRunner)

26 testRunner.notifyDone();	21 testRunner.notifyDone();

27 }	22 });

	23

	24 var w = window.open('http://_username:_password@127.0.0.1:8000/security/reso urces/post-location-to-opener.html');

28 }	25 }

29 </script>	26 </script>

30 </head>	27 </head>

31 <body>This test passes if it alerts the string "PASS".<br/></body>	28 <body>This test passes if it alerts the string "PASS".<br/></body>

32 </html>	29 </html>

OLD	NEW