search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / third_party / WebKit / LayoutTests / http / tests / xmlhttprequest / access-control-preflight-sync-method-denied.html
blobff73efcb05a7a8565ea675f90552813b2f7f023c
1 <html>
2 <body>
3 <pre id='console'></pre>
4 <script type="text/javascript">
5 function log(message)
6 {
7 document.getElementById('console').appendChild(document.createTextNode(message + "\n"));
8 }
9
10 if (window.testRunner)
11 testRunner.dumpAsText();
12
13 (function() {
14 var xhr = new XMLHttpRequest();
15
16 try {
17 xhr.open("GET", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.php?state=reset", false);
18 xhr.send(null);
19 } catch(e) {
20 log("FAIL: Unable to reset server state: [" + e.message + "].");
21 return;
22 }
23
24 xhr = new XMLHttpRequest();
25
26 try {
27 xhr.open("DELETE", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.php?state=method", false);
28 } catch(e) {
29 log("FAIL: Exception thrown. Cross-domain access is not allowed in first 'open'. [" + e.message + "].");
30 return;
31 }
32
33 try {
34 xhr.send(null);
35 log("FAIL: Cross-domain access allowed in first send without throwing an exception");
36 return;
37 } catch(e) {
38 // Eat the exception.
39 }
40
41 xhr = new XMLHttpRequest();
42
43 try {
44 xhr.open("GET", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.php?state=complete", false);
45 } catch(e) {
46 log("FAIL: Exception thrown. Cross-domain access is not allowed in second 'open'. [" + e.message + "].");
47 return;
48 }
49
50 try {
51 xhr.send(null);
52 } catch(e) {
53 log("FAIL: Exception thrown. Cross-domain access is not allowed in second 'send'. [" + e.message + "].");
54 return;
55 }
56
57 log(xhr.responseText);
58 })();
59 </script>
60 </body>
61 </html>