third_party/WebKit/LayoutTests/http/tests/security/link-crossorigin-subresource-use-credentials.html

   1 <!DOCTYPE HTML>
   2 <html>
   3 <head>
   4 <script src="/js-test-resources/js-test.js"></script>
   5 </head>
   6 <body>
   7 <script>
   8 description("Test that a subresource with a crossorigin=use-credentials attribute loads the expected CORS enabled resources.");
   9 </script>
  10 <script src="resources/link-crossorigin-common.js"></script>
  11 <link crossorigin="use-credentials" rel="subresource" href="http://localhost:8080/security/resources/abe-allow-credentials.php" onload="pass()" onerror="fail()">
  12 <link crossorigin="use-credentials" rel="subresource" href="http://localhost:8080/security/resources/abe-allow-star.php" onload="fail()" onerror="pass()">
  13 <script>
  14 function runTest()
  15 {
  16     // Test that dynamically inserted <link> elements are handled the same way.
  17     var link = document.createElement("link");
  18     link.rel = "subresource";
  19     link.crossOrigin = "anonymous";
  20     link.onload = pass;
  21     link.onerror = fail;
  22     link.href = "http://localhost:8080/security/resources/abe-allow-credentials.php?1";
  23     document.body.appendChild(link);
  24
  25     link = document.createElement("link");
  26     link.rel = "subresource";
  27     link.crossOrigin = "use-credentials";
  28     link.onload = fail;
  29     link.onerror = pass;
  30     link.href = "http://localhost:8080/security/resources/abe-allow-star.php?1";
  31     document.body.appendChild(link);
  32 }
  33 window.onload = runTest;
  34 </script>
  35 </body>
  36 </html>