Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(41)

Unified Diff: third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/logout.html

Issue 2808753003: Carve out an exception for embedded credentials in XHR. (Closed)
Patch Set: Rebaseline. Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/logout.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/logout.html b/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/logout.html
new file mode 100644
index 0000000000000000000000000000000000000000..e20b3d79a3f3a703966f1e1ebe4788cafb2cc08c
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/logout.html
@@ -0,0 +1,56 @@
+<body>
+<p><a href="rdar://problem/6447115">rdar://problem/6447115</a> Test that a method for logging out of a site that is used by SAP works.</p>
+<p>If an authentication dialog appears, please cancel it.</p>
+<span>Login: </span><span id="login">FAIL - Test not run</span><br>
+<span>Async request sent before logout: </span><span id="async">FAIL - Test not run</span><br>
+<span>Logout: </span><span id="logout">FAIL - Test not run</span>
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+}
+
+function login()
+{
+ var xhr = new XMLHttpRequest;
+ // "?login" is only here for ease of debugging; it doesn't affect behavior.
+ xhr.open("GET", "resources/logout/resource.php?login", false, "user", "pass");
+ xhr.send("");
+}
+
+function logout()
+{
+ var xhr = new XMLHttpRequest;
+ // logout.html doesn't even exist - we don't need to send this request to server.
+ xhr.open("GET", "resources/logout/subdirectory/logout.html", true, "logout", "logout");
+ xhr.send("");
+ xhr.abort();
+}
+
+function isAuthenticated()
+{
+ var xhr = new XMLHttpRequest;
+ // "?isAuthenticated" is only here for ease of debugging; it doesn't affect behavior.
+ xhr.open("GET", "resources/logout/resource.php?isAuthenticated", false);
+ xhr.send("");
+ return xhr.status == 200;
+}
+
+login();
+document.getElementById("login").innerHTML = isAuthenticated() ? "PASS" : "FAIL";
+
+// Test that a request sent before logout actually has credentials.
+var r = new XMLHttpRequest;
+r.open("GET", "resources/logout/resource.php?isAuthenticated2", true);
+r.onload = function() {
+ document.getElementById("async").innerHTML = r.status == 200 ? "PASS" : "FAIL";
+
+ if (window.testRunner)
+ testRunner.notifyDone();
+}
+r.send("");
+
+logout();
+document.getElementById("logout").innerHTML = isAuthenticated() ? "FAIL" : "PASS";
+</script>
+</body>

Powered by Google App Engine
This is Rietveld 408576698