search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / third_party / WebKit / LayoutTests / http / tests / fetch / script-tests / headers-guard.js
blob8cee05417a0810be970a24ef5decca96e5f4bd10
1 if (self.importScripts) {
2 importScripts('../resources/fetch-test-helpers.js');
3 }
4
5 // Tests that invalid names/values throw TypeError.
6 function testInvalidNamesAndValues(headers) {
7 INVALID_HEADER_NAMES.forEach(function(name) {
8 assert_throws({name: 'TypeError'},
9 function() { headers.append(name, 'a'); },
10 'Headers.append with an invalid name (' + name +
11 ') must throw');
12 assert_throws({name: 'TypeError'},
13 function() { headers.delete(name); },
14 'Headers.delete with an invalid name (' + name +
15 ') must throw');
16 assert_throws({name: 'TypeError'},
17 function() { headers.get(name); },
18 'Headers.get with an invalid name (' + name +
19 ') must throw');
20 assert_throws({name: 'TypeError'},
21 function() { headers.getAll(name); },
22 'Headers.getAll with an invalid name (' + name +
23 ') must throw');
24 assert_throws({name: 'TypeError'},
25 function() { headers.has(name); },
26 'Headers.has with an invalid name (' + name +
27 ') must throw');
28 assert_throws({name: 'TypeError'},
29 function() { headers.set(name, 'a'); },
30 'Headers.set with an invalid name (' + name +
31 ') must throw');
32 });
33 INVALID_HEADER_VALUES.forEach(function(value) {
34 assert_throws({name: 'TypeError'},
35 function() { headers.append('a', value); },
36 'Headers.append with an invalid value must throw');
37 assert_throws({name: 'TypeError'},
38 function() { headers.set('a', value); },
39 'Headers.set with an invalid value must throw');
40 });
41 }
42
43 // Tests that |header| is append()ed to/set() to/delete()d from |headers|.
44 function testAcceptHeaderName(headers, header) {
45 headers.append(header, 'test');
46 assert_equals(headers.get(header), 'test',
47 header + ' must be append()ed.');
48
49 headers.set(header, 'test2');
50 assert_equals(headers.get(header), 'test2',
51 header + ' must be overwritten by set().');
52
53 headers.delete(header);
54 assert_equals(headers.get(header), null,
55 header + ' must be delete()d.');
56
57 headers.set(header, 'test3');
58 assert_equals(headers.get(header), 'test3',
59 header + ' must be created by set().');
60
61 headers.delete(header);
62 assert_equals(headers.get(header), null,
63 header + ' must be delete()d.');
64 }
65
66 // Tests that |header| is ignored in append()/set()/delete() of |headers|.
67 function testIgnoreHeaderName(headers, header) {
68 headers.append(header, 'test');
69 assert_equals(headers.get(header), null,
70 header + ' must be ignored in append().');
71
72 headers.set(header, 'test2');
73 assert_equals(headers.get(header), null,
74 header + ' must be ignored in set().');
75
76 // Calling delete() does not crash nor throw an exception.
77 headers.delete(header);
78 }
79
80 test(function() {
81 [new Headers(),
82 new Headers((new Request(URL, {mode: 'same-origin'})).headers),
83 new Headers((new Response()).headers)]
84 .forEach(function(headers) {
85 testInvalidNamesAndValues(headers);
86
87 FORBIDDEN_HEADER_NAMES
88 .concat(FORBIDDEN_RESPONSE_HEADER_NAMES)
89 .concat(SIMPLE_HEADER_NAMES)
90 .concat([CONTENT_TYPE])
91 .concat(NON_SIMPLE_HEADER_NAMES)
92 .forEach(function(header) {
93 testAcceptHeaderName(headers, header);
94 });
95 });
96 }, 'Headers guard = none: set/append/delete');
97
98 test(function() {
99 FORBIDDEN_HEADER_NAMES
100 .concat(FORBIDDEN_RESPONSE_HEADER_NAMES)
101 .concat(SIMPLE_HEADER_NAMES)
102 .concat([CONTENT_TYPE])
103 .concat(NON_SIMPLE_HEADER_NAMES)
104 .forEach(function(header) {
105 var headers = new Headers([[header, 'test']]);
106 assert_equals(headers.get(header), 'test',
107 header + ' must be set (1)');
108 var headers2 = new Headers(headers);
109 assert_equals(headers2.get(header), 'test',
110 header + ' must be set (2)');
111 });
112 }, 'Headers guard = none: Headers constructor');
113
114 test(function() {
115 [(new Request(URL, {mode: 'same-origin'})).headers,
116 (new Request(URL, {mode: 'same-origin'})).clone().headers,
117 (new Request(URL, {mode: 'cors'})).headers,
118 (new Request(URL, {mode: 'cors'})).clone().headers]
119 .forEach(function(headers) {
120 testInvalidNamesAndValues(headers);
121
122 // Forbidden header names must be ignored.
123 FORBIDDEN_HEADER_NAMES
124 .forEach(function(header) {
125 testIgnoreHeaderName(headers, header);
126 });
127
128 // Other header names must be accepted.
129 FORBIDDEN_RESPONSE_HEADER_NAMES
130 .concat(SIMPLE_HEADER_NAMES)
131 .concat([CONTENT_TYPE])
132 .concat(NON_SIMPLE_HEADER_NAMES)
133 .forEach(function(header) {
134 testAcceptHeaderName(headers, header);
135 });
136 });
137 }, 'Headers guard = request: set/append/delete');
138
139 test(function() {
140 ['same-origin', 'cors'].forEach(function(mode) {
141 // Forbidden header names must be ignored.
142 FORBIDDEN_HEADER_NAMES
143 .forEach(function(header) {
144 var headers = (new Request('http://localhost/',
145 {headers: [[header, 'test']],
146 mode: mode})).headers;
147 assert_equals(headers.get(header), null,
148 header + ' must be ignored (1)');
149
150 headers = (new Request('http://localhost/',
151 {headers: new Headers([[header, 'test']]),
152 mode: mode})).headers;
153 assert_equals(headers.get(header), null,
154 header + ' must be ignored (2)');
155 });
156
157 // Other header names must be accepted.
158 FORBIDDEN_RESPONSE_HEADER_NAMES
159 .concat(SIMPLE_HEADER_NAMES)
160 .concat([CONTENT_TYPE])
161 .concat(NON_SIMPLE_HEADER_NAMES)
162 .forEach(function(header) {
163 var headers = (new Request('http://localhost/',
164 {headers: [[header, 'test']],
165 mode: mode})).headers;
166 assert_equals(headers.get(header), 'test',
167 header + ' must be set (1)');
168
169 headers = (new Request('http://localhost/',
170 {headers: new Headers([[header, 'test']]),
171 mode: mode})).headers;
172 assert_equals(headers.get(header), 'test',
173 header + ' must be set (2)');
174 });
175 });
176 }, 'Headers guard = request: RequestInit.headers');
177
178 test(function() {
179 [function() {return (new Request(URL, {mode: 'no-cors'})).headers;},
180 function() {return (new Request(URL, {mode: 'no-cors'})).clone().headers;}]
181 .forEach(function(createNewHeaders) {
182 var headers = createNewHeaders();
183 testInvalidNamesAndValues(headers);
184
185 // Non-simple headers must be ignored.
186 FORBIDDEN_HEADER_NAMES
187 .concat(FORBIDDEN_RESPONSE_HEADER_NAMES)
188 .concat(NON_SIMPLE_HEADER_NAMES)
189 .forEach(function(header) {
190 testIgnoreHeaderName(headers, header);
191 });
192
193 // SIMPLE_HEADER_NAMES must be accepted.
194 SIMPLE_HEADER_NAMES
195 .forEach(function(header) {
196 testAcceptHeaderName(headers, header);
197 });
198
199 // Content-Type with NON_SIMPLE_HEADER_CONTENT_TYPE_VALUES are
200 // ignored in append()/set().
201 NON_SIMPLE_HEADER_CONTENT_TYPE_VALUES
202 .forEach(function(value) {
203 headers.append(CONTENT_TYPE, value);
204 assert_equals(headers.get(CONTENT_TYPE), null,
205 'Content-Type/' + value +
206 ' must be ignored in append()');
207 headers.set(CONTENT_TYPE, value);
208 assert_equals(headers.get(CONTENT_TYPE), null,
209 'Content-Type/' + value +
210 ' must be ignored in set()');
211 });
212
213 // Content-Type with values in SIMPLE_HEADER_CONTENT_TYPE_VALUES are
214 // accepted by append()/set(), but not delete().
215 SIMPLE_HEADER_CONTENT_TYPE_VALUES
216 .forEach(function(value) {
217 var headers = createNewHeaders();
218 headers.append(CONTENT_TYPE, value);
219 assert_equals(headers.get(CONTENT_TYPE), value,
220 'Content-Type/' + value +
221 ' must be appended.');
222
223 headers.delete(CONTENT_TYPE);
224 assert_equals(headers.get(CONTENT_TYPE), value,
225 'Content-Type in Headers with request-no-cors ' +
226 'guard must not be deleted');
227
228 var headers = createNewHeaders();
229 headers.set(CONTENT_TYPE, value);
230 assert_equals(headers.get(CONTENT_TYPE), value,
231 'Content-Type/' + value +
232 ' must be set.');
233 });
234 });
235 }, 'Headers guard = request-no-cors: set/append/delete');
236
237 test(function() {
238 // Non-simple headers must be ignored.
239 FORBIDDEN_HEADER_NAMES
240 .concat(FORBIDDEN_RESPONSE_HEADER_NAMES)
241 .concat(NON_SIMPLE_HEADER_NAMES)
242 .forEach(function(header) {
243 var headers = (new Request('http://localhost/',
244 {headers: [[header, 'test']],
245 mode: 'no-cors'})).headers;
246 assert_equals(headers.get(header), null,
247 header + ' must be ignored (1)');
248
249 headers = (new Request('http://localhost/',
250 {headers: new Headers([[header, 'test']]),
251 mode: 'no-cors'})).headers;
252 assert_equals(headers.get(header), null,
253 header + ' must be ignored (2)');
254 });
255
256 // SIMPLE_HEADER_NAMES must be accepted.
257 SIMPLE_HEADER_NAMES.forEach(function(header) {
258 var headers = (new Request('http://localhost/',
259 {headers: [[header, 'test']],
260 mode: 'no-cors'
261 })).headers;
262 assert_equals(headers.get(header), 'test',
263 header + ' must be set (1)');
264
265 headers = (new Request('http://localhost/',
266 {headers: new Headers([[header, 'test']]),
267 mode: 'no-cors'})).headers;
268 assert_equals(headers.get(header), 'test',
269 header + ' must be set (2)');
270 });
271
272 // Content-Type with values in SIMPLE_HEADER_CONTENT_TYPE_VALUES must be
273 // accepted.
274 SIMPLE_HEADER_CONTENT_TYPE_VALUES.forEach(function(value) {
275 var headers = (new Request('http://localhost/',
276 {headers: [[CONTENT_TYPE, value]],
277 mode: 'no-cors'
278 })).headers;
279 assert_equals(headers.get(CONTENT_TYPE), value,
280 CONTENT_TYPE + '/' + value + ' must be set (1)');
281
282 headers = (new Request('http://localhost/',
283 {headers: new Headers([[CONTENT_TYPE, value]]),
284 mode: 'no-cors'})).headers;
285 assert_equals(headers.get(CONTENT_TYPE), value,
286 CONTENT_TYPE + '/' + value + ' must be set (2)');
287 });
288
289 // Content-Type with NON_SIMPLE_HEADER_CONTENT_TYPE_VALUES must be
290 // ignored.
291 NON_SIMPLE_HEADER_CONTENT_TYPE_VALUES.forEach(function(value) {
292 var headers = (new Request('http://localhost/',
293 {headers: [[CONTENT_TYPE, value]],
294 mode: 'no-cors'
295 })).headers;
296 assert_equals(headers.get(CONTENT_TYPE), null,
297 CONTENT_TYPE + '/' + value + ' must be ignored (1)');
298
299 headers = (new Request('http://localhost/',
300 {headers: new Headers([[CONTENT_TYPE, value]]),
301 mode: 'no-cors'})).headers;
302 assert_equals(headers.get(CONTENT_TYPE), null,
303 CONTENT_TYPE + '/' + value + ' must be ignored (2)');
304 });
305 }, 'Headers guard = request-no-cors: RequestInit.headers');
306
307 test(function() {
308 [(new Response(new Blob(['']))).headers,
309 (new Response(new Blob(['']))).clone().headers]
310 .forEach(function(headers) {
311 testInvalidNamesAndValues(headers);
312
313 // Forbidden response header names must be ignored.
314 FORBIDDEN_RESPONSE_HEADER_NAMES
315 .forEach(function(header) {
316 testIgnoreHeaderName(headers, header);
317 });
318
319 // Other header names must be accepted.
320 FORBIDDEN_HEADER_NAMES
321 .concat(SIMPLE_HEADER_NAMES)
322 .concat([CONTENT_TYPE])
323 .concat(NON_SIMPLE_HEADER_NAMES)
324 .forEach(function(header) {
325 testAcceptHeaderName(headers, header);
326 });
327 });
328 }, 'Headers guard = response: set/append/delete');
329
330 test(function() {
331 // Forbidden response header names must be ignored.
332 FORBIDDEN_RESPONSE_HEADER_NAMES
333 .forEach(function(header) {
334 var headers = (new Response(new Blob(),
335 {headers: [[header, 'test']]})).headers;
336 assert_equals(headers.get(header), null,
337 header + ' must be ignored (1)');
338
339 var headers = (new Response(new Blob(),
340 {headers: new Headers([[header, 'test']])}
341 )).headers;
342 assert_equals(headers.get(header), null,
343 header + ' must be ignored (2)');
344 });
345
346 // Other header names must be accepted.
347 FORBIDDEN_HEADER_NAMES
348 .concat(SIMPLE_HEADER_NAMES)
349 .concat([CONTENT_TYPE])
350 .concat(NON_SIMPLE_HEADER_NAMES)
351 .forEach(function(header) {
352 var headers = (new Response(new Blob(),
353 {headers: [[header, 'test']]})).headers;
354 assert_equals(headers.get(header), 'test',
355 header + ' must be set (1)');
356
357 headers = (new Response(new Blob(),
358 {headers: new Headers([[header, 'test']])}
359 )).headers;
360 assert_equals(headers.get(header), 'test',
361 header + ' must be set (2)');
362 });
363 }, 'Headers guard = response: ResponseInit.headers');
364
365 promise_test(function(t) {
366 return fetch('../resources/doctype.html')
367 .then(function(res) {
368 [res.headers,
369 res.clone().headers,
370 Response.error().headers,
371 Response.error().clone().headers,
372 Response.redirect('https://www.example.com/test.html').headers,
373 Response.redirect('https://www.example.com/test.html').clone().headers
374 ].forEach(function(headers) {
375 testInvalidNamesAndValues(headers);
376
377 // Test that TypeError is thrown for all header names.
378 FORBIDDEN_HEADER_NAMES
379 .concat(FORBIDDEN_RESPONSE_HEADER_NAMES)
380 .concat(SIMPLE_HEADER_NAMES)
381 .concat([CONTENT_TYPE])
382 .concat(NON_SIMPLE_HEADER_NAMES)
383 .forEach(function(header) {
384 var value = headers.get(header);
385
386 assert_throws({name: 'TypeError'},
387 function() { headers.append(header, 'test'); },
388 'Headers.append(' + header + ') must throw');
389 assert_equals(headers.get(header), value,
390 'header ' + header + ' must be unchanged by append()');
391
392 assert_throws({name: 'TypeError'},
393 function() { headers.set(header, 'test'); },
394 'Headers.set(' + header + ') must throw');
395 assert_equals(headers.get(header), value,
396 'header ' + header + ' must be unchanged by set()');
397
398 assert_throws({name: 'TypeError'},
399 function() { headers.delete(header); },
400 'Headers.delete(' + header + ') must throw');
401 assert_equals(headers.get(header), value,
402 'header ' + header + ' must be unchanged by delete()');
403 });
404 });
405 });
406 }, 'Headers guard = immutable: set/append/delete');
407
408 done();