Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1055)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/remember-bad-password.html

Issue 2651943002: Block subresource requests whose URLs include credentials. (Closed)
Patch Set: Test. Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 <body>
2 <p><a href="rdar://problem/7062824">rdar://problem/7062824</a> A wrong password entered for site or proxy auth remains in WebCore credential storage, and is sen t with subsequent requests.</p>
3 <p>This test counts the number of failed requests server side.</p>
4 <div id = result>Testing... Please cancel all authentication dialogs.</div></br>
5 <div>Sync</div>
6 <button onclick="sendWithCredentials(false)">With credentials</button>
7 <button onclick="sendWithoutCredentials(false)">Without credentials</button>
8 <div>Async</div>
9 <button onclick="sendWithCredentials(true)">With credentials</button>
10 <button onclick="sendWithoutCredentials(true)">Without credentials</button>
11 <br>
12 <button onclick="status()">Status</button>
13 <script>
14 if (window.testRunner) {
15 testRunner.dumpAsText();
16 testRunner.waitUntilDone()
17 }
18
19 function sendWithCredentials(next)
20 {
21 var xhr = new XMLHttpRequest;
22 xhr.open("GET", "resources/remember-bad-password/count-failures.php", next ? true : false, "foo", "bar");
23 xhr.send("");
24 if (next) {
25 xhr.onload = next;
26 xhr.onerror = next;
27 }
28 }
29
30 function sendWithoutCredentials(next)
31 {
32 var xhr = new XMLHttpRequest;
33 xhr.open("GET", "resources/remember-bad-password/count-failures.php", next ? true : false);
34 xhr.send("");
35
36 if (next) {
37 xhr.onload = next;
38 xhr.onerror = next;
39 }
40 }
41
42 function status()
43 {
44 var xhr = new XMLHttpRequest;
45 xhr.open("GET", "resources/remember-bad-password/count-failures.php?command= status", false);
46 xhr.send("");
47 return xhr.responseText;
48 }
49
50 function reset()
51 {
52 var xhr = new XMLHttpRequest;
53 xhr.open("GET", "resources/remember-bad-password/count-failures.php?command= reset", false);
54 xhr.send("");
55 }
56
57 reset();
58 sendWithCredentials();
59 sendWithoutCredentials();
60 sendWithCredentials(function() {
61 sendWithoutCredentials(function() {
62 var s = status();
63 document.getElementById("result").innerHTML = (s == 2 ? "PASS" : ("FAIL: " + s)) ;
64 if (window.testRunner)
65 testRunner.notifyDone();
66 })});
67 </script>
68 </body>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698