third_party/WebKit/LayoutTests/http/tests/xmlhttprequest/inject-header.html

   1 <html>
   2 <body>
   3 <p>Test that setRequestHeader properly checks for line feeds in header values.</p>
   4 <script>
   5 if (window.testRunner)
   6     testRunner.dumpAsText();
   7
   8 function test(val) {
   9     var req = new XMLHttpRequest;
  10     req.open("GET", "resources/print-headers.cgi", false);
  11
  12     try {
  13         req.setRequestHeader("Test", val);
  14     } catch (ex) {
  15         document.write("<p>" + escape(val) + " -> SUCCESS, setRequestHeader() raised an exception " + ex + "</p>");
  16         return;
  17     }
  18
  19     try {
  20         req.send("");
  21         if (req.responseText.match("HTTP_EVIL"))
  22             document.write("<p>" + escape(val) + " -> FAILURE - evil header injected!</p>");
  23         else
  24             document.write("<p>" + escape(val) + " -> setRequestHeader() didn't throw, but server didn't see the evil header.</p>");
  25
  26     } catch (ex) {
  27         alert("Unexpected exception: " + ex);
  28     }
  29 }
  30
  31 test("\nEvil: on");
  32 test("\rEvil: on");
  33 test("\r\nEvil: on");
  34 test("\n\rEvil: on");
  35 </script>
  36 </body>
  37 </html>