| Index: third_party/WebKit/LayoutTests/external/wpt/html/semantics/scripting-1/the-script-element/script-crossorigin-network.html
|
| diff --git a/third_party/WebKit/LayoutTests/external/wpt/html/semantics/scripting-1/the-script-element/script-crossorigin-network.html b/third_party/WebKit/LayoutTests/external/wpt/html/semantics/scripting-1/the-script-element/script-crossorigin-network.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..488dd4488a4d55853ca82c4cd8dcf29178289250
|
| --- /dev/null
|
| +++ b/third_party/WebKit/LayoutTests/external/wpt/html/semantics/scripting-1/the-script-element/script-crossorigin-network.html
|
| @@ -0,0 +1,49 @@
|
| +<!doctype html>
|
| +<meta charset="utf-8">
|
| +<title>HTMLScriptElement: crossorigin attribute network test</title>
|
| +<link rel="author" title="KiChjang" href="mailto:kungfukeith11@gmail.com">
|
| +<link rel="help" href="https://html.spec.whatwg.org/multipage/#cors-settings-attribute">
|
| +<script src="/resources/testharness.js"></script>
|
| +<script src="/resources/testharnessreport.js"></script>
|
| +
|
| +<body>
|
| + <script type="text/javascript">
|
| + var test1 = async_test(document.title + "1");
|
| + var test2 = async_test(document.title + "2");
|
| + var test3 = async_test(document.title + "3");
|
| +
|
| + var script1 = document.createElement("script");
|
| + script1.src = "resources/cross-origin.py";
|
| + script1.crossOrigin = "use-credentials";
|
| + var script2 = document.createElement("script");
|
| + script2.src = "resources/cross-origin.py";
|
| + script2.crossOrigin = "gibberish";
|
| + var script3 = document.createElement("script");
|
| + script3.src = "resources/cross-origin.py";
|
| +
|
| + document.cookie = "milk=yes";
|
| + document.body.appendChild(script1);
|
| + script1.onload = function() {
|
| + test1.step(function() {
|
| + assert_true(included, "credentials should be included in script request");
|
| + test1.done();
|
| + });
|
| + };
|
| +
|
| + document.body.appendChild(script2);
|
| + script2.onload = function() {
|
| + test2.step(function() {
|
| + assert_true(included, "invalid values should default to include credentials due to response tainting");
|
| + test2.done();
|
| + });
|
| + };
|
| +
|
| + document.body.appendChild(script3);
|
| + script3.onload = function() {
|
| + test3.step(function() {
|
| + assert_true(included, "missing value should default to include credentials");
|
| + test3.done();
|
| + });
|
| + };
|
| + </script>
|
| +</body>
|
|
|