LayoutTests/http/tests/security/resources/cors-script.php - Issue 47923008: Block execution of failed 'crossorigin' <script>s. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(292)

My Issues | Starred Open | Closed | All

Unified Diff: LayoutTests/http/tests/security/resources/cors-script.php

Issue 47923008: Block execution of failed 'crossorigin' <script>s. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Rebased Created 7 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « LayoutTests/http/tests/security/cross-origin-css-expected.txt ('k') | LayoutTests/http/tests/security/script-crossorigin-fails-cross-origin.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: LayoutTests/http/tests/security/resources/cors-script.php

diff --git a/LayoutTests/http/tests/security/resources/cors-script.php b/LayoutTests/http/tests/security/resources/cors-script.php

index 61f3de82f214745c2ecd171ef61ddbf3bb3b4128..c9b1a37d4f3463d9a2c2e3041d3a975465dbde74 100644

--- a/LayoutTests/http/tests/security/resources/cors-script.php

+++ b/LayoutTests/http/tests/security/resources/cors-script.php

@@ -2,8 +2,14 @@

if (strtolower($_GET["cors"]) != "false") {

header("Access-Control-Allow-Origin: http://127.0.0.1:8000");

}

+if (strtolower($_GET["credentials"]) == "true") {

+ header("Access-Control-ALlow-Credentials: true");

+}

header("Content-Type: application/javascript");

-if (strtolower($_GET["fail"]) == "true")

+$value = $_GET['value'];

+if ($value)

+ echo "result = \"" . $value . "\";";

+else if (strtolower($_GET["fail"]) == "true")

echo "throw({toString: function(){ return 'SomeError' }});";

else

echo "alert('script ran.');";

« no previous file with comments | « LayoutTests/http/tests/security/cross-origin-css-expected.txt ('k') | LayoutTests/http/tests/security/script-crossorigin-fails-cross-origin.html » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698