Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(456)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/logout.html

Issue 2651943002: Block subresource requests whose URLs include credentials. (Closed)
Patch Set: Test. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 <body>
2 <p><a href="rdar://problem/6447115">rdar://problem/6447115</a> Test that a metho d for logging out of a site that is used by SAP works.</p>
3 <p>If an authentication dialog appears, please cancel it.</p>
4 <span>Login: </span><span id="login">FAIL - Test not run</span><br>
5 <span>Async request sent before logout: </span><span id="async">FAIL - Test not run</span><br>
6 <span>Logout: </span><span id="logout">FAIL - Test not run</span>
7 <script>
8 if (window.testRunner) {
9 testRunner.dumpAsText();
10 testRunner.waitUntilDone();
11 }
12
13 function login()
14 {
15 var xhr = new XMLHttpRequest;
16 // "?login" is only here for ease of debugging; it doesn't affect behavior.
17 xhr.open("GET", "resources/logout/resource.php?login", false, "user", "pass" );
18 xhr.send("");
19 }
20
21 function logout()
22 {
23 var xhr = new XMLHttpRequest;
24 // logout.html doesn't even exist - we don't need to send this request to se rver.
25 xhr.open("GET", "resources/logout/subdirectory/logout.html", true, "logout", "logout");
26 xhr.send("");
27 xhr.abort();
28 }
29
30 function isAuthenticated()
31 {
32 var xhr = new XMLHttpRequest;
33 // "?isAuthenticated" is only here for ease of debugging; it doesn't affect behavior.
34 xhr.open("GET", "resources/logout/resource.php?isAuthenticated", false);
35 xhr.send("");
36 return xhr.status == 200;
37 }
38
39 login();
40 document.getElementById("login").innerHTML = isAuthenticated() ? "PASS" : "FAIL" ;
41
42 // Test that a request sent before logout actually has credentials.
43 var r = new XMLHttpRequest;
44 r.open("GET", "resources/logout/resource.php?isAuthenticated2", true);
45 r.onload = function() {
46 document.getElementById("async").innerHTML = r.status == 200 ? "PASS" : "FAI L";
47
48 if (window.testRunner)
49 testRunner.notifyDone();
50 }
51 r.send("");
52
53 logout();
54 document.getElementById("logout").innerHTML = isAuthenticated() ? "FAIL" : "PASS ";
55 </script>
56 </body>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698