third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/access-control-preflight-async-method-denied.html

   1 <html>
   2 <body>
   3 <pre id='console'></pre>
   4 <script type="text/javascript">
   5 function log(message)
   6 {
   7     document.getElementById('console').appendChild(document.createTextNode(message + "\n"));
   8 }
   9
  10 if (window.testRunner) {
  11     testRunner.dumpAsText();
  12     testRunner.waitUntilDone();
  13 }
  14
  15 (function() {
  16     var xhr = new XMLHttpRequest();
  17
  18     try {
  19         xhr.open("GET", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.php?state=reset", false);
  20         xhr.send(null);
  21     } catch(e) {
  22         log("FAIL: Unable to reset server state: [" + e.message + "].");
  23         return;
  24     }
  25
  26     xhr = new XMLHttpRequest();
  27
  28     try {
  29         xhr.open("DELETE", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.php?state=method", true);
  30     } catch(e) {
  31         log("FAIL: Exception thrown. Cross-domain access is not allowed in first 'open'. [" + e.message + "].");
  32         return;
  33     }
  34
  35     xhr.onerror = function() {
  36         xhr = new XMLHttpRequest();
  37
  38         try {
  39             xhr.open("GET", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.php?state=complete", false);
  40             try {
  41                 xhr.send(null);
  42             } catch(e) {
  43                 log("FAIL: Exception thrown. Cross-domain access is not allowed in second 'send'. [" + e.message + "].");
  44             }
  45         } catch(e) {
  46             log("FAIL: Exception thrown. Cross-domain access is not allowed in second 'open'. [" + e.message + "].");
  47         }
  48
  49         log(xhr.responseText);
  50         if (window.testRunner)
  51             testRunner.notifyDone();
  52     }
  53
  54     xhr.onreadystatechange = function() {
  55         if (xhr.readyState == 4 && xhr.status == 200)
  56             log("FAIL: Cross-domain access allowed in first send without throwing an exception");
  57     }
  58
  59     xhr.send(null);
  60 })();
  61 </script>
  62 </body>
  63 </html>