Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(368)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: LayoutTests/http/tests/xmlhttprequest/resources/access-control-preflight-request-header-sorted.php

Issue 875363002: Sort header names in Access-Control-Request-Headers (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Add missing expect.txt Created 5 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« LayoutTests/http/tests/fetch/script-tests/fetch-access-control-cors.js ('K') | « LayoutTests/http/tests/xmlhttprequest/access-control-preflight-request-header-sorted-expected.txt ('k') | Source/core/fetch/CrossOriginAccessControl.cpp » ('j') | Source/core/fetch/CrossOriginAccessControl.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: LayoutTests/http/tests/xmlhttprequest/resources/access-control-preflight-request-header-sorted.php
diff --git a/LayoutTests/http/tests/xmlhttprequest/resources/access-control-preflight-request-header-sorted.php b/LayoutTests/http/tests/xmlhttprequest/resources/access-control-preflight-request-header-sorted.php
new file mode 100644
index 0000000000000000000000000000000000000000..5db34038a0e71899aa71027bd1e74565c8611876
--- /dev/null
+++ b/LayoutTests/http/tests/xmlhttprequest/resources/access-control-preflight-request-header-sorted.php
@@ -0,0 +1,23 @@
+<?php
+require_once '../../resources/portabilityLayer.php';
tyoshino (SeeGerritForStatus) 2015/01/29 10:44:53 is this needed?
hiroshige 2015/01/29 11:08:11 Removed. Also removed from *-lowercase.php, based
+
+header("Access-Control-Allow-Origin: *");
+header("Access-Control-Max-Age: 0");
+
+if ($_SERVER["REQUEST_METHOD"] == "OPTIONS") {
+ // Check that the names in Access-Control-Request-Headers are
+ // "in lexicographical order, each converted to ASCII lowercase".
+ // Spec: http://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0
tyoshino (SeeGerritForStatus) 2015/01/29 10:44:53 please cite fetch.spec.whatwg.org
hiroshige 2015/01/29 11:08:11 Done.
+ if ($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"] ==
+ 'x-custom-s, x-custom-test, x-custom-u, x-custom-ua, x-custom-v') {
+ header("Access-Control-Allow-Headers: x-custom-s, x-custom-test, x-custom-u, x-custom-ua, x-custom-v");
+ } else {
+ header("HTTP/1.1 400");
tyoshino (SeeGerritForStatus) 2015/01/29 10:44:53 does this work even after calling header() emittin
hiroshige 2015/01/29 11:08:11 Done.
+ }
+} else if ($_SERVER["REQUEST_METHOD"] == "GET") {
+ if (isset($_SERVER["HTTP_X_CUSTOM_S"]))
+ echo "PASS";
+ else
+ echo "FAIL";
+}
+?>
« LayoutTests/http/tests/fetch/script-tests/fetch-access-control-cors.js ('K') | « LayoutTests/http/tests/xmlhttprequest/access-control-preflight-request-header-sorted-expected.txt ('k') | Source/core/fetch/CrossOriginAccessControl.cpp » ('j') | Source/core/fetch/CrossOriginAccessControl.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698