products/Sources/formale Sprachen/C/Firefox/dom/security/test/cors/file_cors_logging_test.html
<!
DOCTYPE HTML >
<
html >
<
head >
<
META HTTP-EQUIV=
"Content-Type" CONTENT=
"text/html; charset=utf-8" >
<
title >Test for Cross Site XMLHttpRequest</
title >
</
head >
<
body onload=
"initTest()" >
<p id=
"display" >
<
iframe id=loader></
iframe >
</p>
<
div id=
"content" style =
"display: none" >
</
div >
<
pre id=
"test" >
<
script class=
"testbody" type=
"application/javascript" >
const runPreflightTests = 1;
const runCookieTests = 1;
const runRedirectTests = 1;
var gen;
function initTest() {
window.addEventListener(
"message" , function(e) {
gen.next(e.data);
});
gen = runTest();
gen.next()
}
function initTestCallback() {
}
function* runTest() {
var loader = document.getElementById(
'loader' );
var loaderWindow = loader.contentWindow;
loader.onload = function () { gen.next() };
// Test preflight-less requests
basePath =
"/browser/dom/security/test/cors/file_CrossSiteXHR_server.sjs?"
baseURL =
"http://mochi.test:8888 " + basePath;
// Test preflighted requests
loader.src =
"http://example.org/browser/dom/security/test/cors/file_CrossSiteXHR_inner.html " ;
origin =
"http://example.org " ;
yield undefined;
tests = [// Plain request
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
},
// undefined username
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
username: undefined
},
// undefined username and password
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
username: undefined,
password: undefined
},
// nonempty username
{ pass: 0,
method:
"GET" ,
noAllowPreflight: 1,
username:
"user" ,
},
// nonempty password
// XXXbz this passes for now, because we ignore passwords
// without usernames in most cases.
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
password:
"password" ,
},
// Default allowed headers
{ pass: 1,
method:
"GET" ,
headers: {
"Content-Type" :
"text/plain" ,
"Accept" :
"foo/bar" ,
"Accept-Language" :
"sv-SE" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"GET" ,
headers: {
"Content-Type" :
"foo/bar" ,
"Accept" :
"foo/bar" ,
"Accept-Language" :
"sv-SE" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"GET" ,
headers: {
"Content-Type" :
"foo/bar, text/plain" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"GET" ,
headers: {
"Content-Type" :
"foo/bar, text/plain, garbage" },
noAllowPreflight: 1,
},
// Custom headers
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"X-My-Header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header" :
"secondValue" },
allowHeaders:
"x-my-header, long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header-long-header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my%-header" :
"myValue" },
allowHeaders:
"x-my%-header" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"" },
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"y-my-header" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header y-my-header" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header, y-my-header z" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header, y-my-he(ader" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"myheader" :
"" },
allowMethods:
"myheader" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"User-Agent" :
"myValue" },
allowHeaders:
"User-Agent" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"User-Agent" :
"myValue" },
},
// Multiple custom headers
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"second-header" :
"secondValue" ,
"third-header" :
"thirdValue" },
allowHeaders:
"x-my-header, second-header, third-header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"second-header" :
"secondValue" ,
"third-header" :
"thirdValue" },
allowHeaders:
"x-my-header,second-header,third-header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"second-header" :
"secondValue" ,
"third-header" :
"thirdValue" },
allowHeaders:
"x-my-header ,second-header ,third-header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"second-header" :
"secondValue" ,
"third-header" :
"thirdValue" },
allowHeaders:
"x-my-header , second-header , third-header" ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"second-header" :
"secondValue" },
allowHeaders:
", x-my-header, , ,, second-header, , " ,
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"second-header" :
"secondValue" },
allowHeaders:
"x-my-header, second-header, unused-header" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"myValue" ,
"y-my-header" :
"secondValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"" ,
"y-my-header" :
"" },
allowHeaders:
"x-my-header" ,
},
//
HEAD requests
{ pass: 1,
method:
"HEAD" ,
noAllowPreflight: 1,
},
//
HEAD with safe headers
{ pass: 1,
method:
"HEAD" ,
headers: {
"Content-Type" :
"text/plain" ,
"Accept" :
"foo/bar" ,
"Accept-Language" :
"sv-SE" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"Content-Type" :
"foo/bar" ,
"Accept" :
"foo/bar" ,
"Accept-Language" :
"sv-SE" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"Content-Type" :
"foo/bar, text/plain" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"Content-Type" :
"foo/bar, text/plain, garbage" },
noAllowPreflight: 1,
},
//
HEAD with custom headers
{ pass: 1,
method:
"HEAD" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"x-my-header" :
"myValue" },
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"" ,
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"y-my-header" ,
},
{ pass: 0,
method:
"HEAD" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header y-my-header" ,
},
// POST tests
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
noAllowPreflight: 1,
},
{ pass: 1,
method:
"POST" ,
},
{ pass: 1,
method:
"POST" ,
noAllowPreflight: 1,
},
// POST with standard headers
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" },
noAllowPreflight: 1,
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"multipart/form-data" },
noAllowPreflight: 1,
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"application/x-www-form-urlencoded" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar" },
},
{ pass: 0,
method:
"POST" ,
headers: {
"Content-Type" :
"foo/bar" },
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"Accept" :
"foo/bar" ,
"Accept-Language" :
"sv-SE" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar, text/plain" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar, text/plain, garbage" },
noAllowPreflight: 1,
},
// POST with custom headers
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Accept" :
"foo/bar" ,
"Accept-Language" :
"sv-SE" ,
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 1,
method:
"POST" ,
headers: {
"Content-Type" :
"text/plain" ,
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar" ,
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header, content-type" ,
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar" },
noAllowPreflight: 1,
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar" ,
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 1,
method:
"POST" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header" ,
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"x-my-header" :
"myValue" },
allowHeaders:
"x-my-header, $_%" ,
},
// Other methods
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"DELETE" ,
},
{ pass: 0,
method:
"DELETE" ,
allowHeaders:
"DELETE" ,
},
{ pass: 0,
method:
"DELETE" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"POST, PUT, DELETE" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"POST, DELETE, PUT" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"DELETE, POST, PUT" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"POST ,PUT ,DELETE" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"POST,PUT,DELETE" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"POST , PUT , DELETE" ,
},
{ pass: 1,
method:
"DELETE" ,
allowMethods:
" ,, PUT ,, , , DELETE , ," ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"PUT" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"DELETEZ" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"DELETE PUT" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"DELETE, PUT Z" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"DELETE, PU(T" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"PUT DELETE" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"PUT Z, DELETE" ,
},
{ pass: 0,
method:
"DELETE" ,
allowMethods:
"PU(T, DELETE" ,
},
{ pass: 0,
method:
"MYMETHOD" ,
allowMethods:
"myMethod" ,
},
{ pass: 0,
method:
"PUT" ,
allowMethods:
"put" ,
},
//
Progress events
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" },
uploadProgress:
"progress" ,
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" },
uploadProgress:
"progress" ,
noAllowPreflight: 1,
},
// Status messages
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
status: 404,
statusMessage:
"nothin' here" ,
},
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
status: 401,
statusMessage:
"no can do" ,
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"foo/bar" },
allowHeaders:
"content-type" ,
status: 500,
statusMessage:
"server boo" ,
},
{ pass: 1,
method:
"GET" ,
noAllowPreflight: 1,
status: 200,
statusMessage:
"Yes!!" ,
},
{ pass: 0,
method:
"GET" ,
headers: {
"x-my-header" :
"header value" },
allowHeaders:
"x-my-header" ,
preflightStatus: 400
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"header value" },
allowHeaders:
"x-my-header" ,
preflightStatus: 200
},
{ pass: 1,
method:
"GET" ,
headers: {
"x-my-header" :
"header value" },
allowHeaders:
"x-my-header" ,
preflightStatus: 204
},
// exposed headers
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" },
exposeHeaders:
"x-my-header" ,
expectedResponseHeaders: [
"x-my-header" ],
},
{ pass: 0,
method:
"GET" ,
origin:
"http://invalid " ,
responseHeaders: {
"x-my-header" :
"x header" },
exposeHeaders:
"x-my-header" ,
expectedResponseHeaders: [],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" },
expectedResponseHeaders: [],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" },
exposeHeaders:
"x-my-header y" ,
expectedResponseHeaders: [],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" },
exposeHeaders:
"y x-my-header" ,
expectedResponseHeaders: [],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" },
exposeHeaders:
"x-my-header, y-my-header z" ,
expectedResponseHeaders: [],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" },
exposeHeaders:
"x-my-header, y-my-hea(er" ,
expectedResponseHeaders: [],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"x-my-header" :
"x header" ,
"y-my-header" :
"y header" },
exposeHeaders:
" , ,,y-my-header,z-my-header, " ,
expectedResponseHeaders: [
"y-my-header" ],
},
{ pass: 1,
method:
"GET" ,
responseHeaders: {
"Cache-Control" :
"cacheControl header" ,
"Content-Language" :
"contentLanguage header" ,
"Expires" :
"expires header" ,
"Last-Modified" :
"lastModified header" ,
"Pragma" :
"pragma header" ,
"Unexpected" :
"unexpected header" },
expectedResponseHeaders: [
"Cache-Control" ,
"Content-Language" ,
"Content-Type" ,
"Expires" ,
"Last-Modified" ,
"Pragma" ],
},
// Check that sending a
body in the OPTIONS response works
{ pass: 1,
method:
"DELETE" ,
allowMethods:
"DELETE" ,
preflightBody:
"I'm a preflight response body" ,
},
];
if (!runPreflightTests) {
tests = [];
}
for (test of tests) {
var req = {
url: baseURL +
"allowOrigin=" + escape(test.origin || origin),
method: test.method,
headers: test.headers,
uploadProgress: test.uploadProgress,
body : test.
body ,
responseHeaders: test.responseHeaders,
};
if (test.pass) {
req.url +=
"&origin=" + escape(origin) +
"&requestMethod=" + test.method;
}
if (
"username" in test) {
req.username = test.username;
}
if (
"password" in test) {
req.password = test.password;
}
if (test.noAllowPreflight)
req.url +=
"&noAllowPreflight" ;
if (test.pass &&
"headers" in test) {
function isUnsafeHeader(name) {
lName = name.toLowerCase();
return lName !=
"accept" &&
lName !=
"accept-language" &&
(lName !=
"content-type" ||
![
"text/plain" ,
"multipart/form-data" ,
"application/x-www-form-urlencoded" ]
.includes(test.headers[name].toLowerCase()));
}
req.url +=
"&headers=" + escape(JSON.stringify(test.headers));
reqHeaders =
escape(
Object .keys(test.headers)
.filter(isUnsafeHeader)
.
map (s => s.toLowerCase())
.sort()
.join(
"," ));
req.url += reqHeaders ?
"&requestHeaders=" + reqHeaders :
"" ;
}
if (
"allowHeaders" in test)
req.url +=
"&allowHeaders=" + escape(test.allowHeaders);
if (
"allowMethods" in test)
req.url +=
"&allowMethods=" + escape(test.allowMethods);
if (test.
body )
req.url +=
"&body=" + escape(test.
body );
if (test.status) {
req.url +=
"&status=" + test.status;
req.url +=
"&statusMessage=" + escape(test.statusMessage);
}
if (test.preflightStatus)
req.url +=
"&preflightStatus=" + test.preflightStatus;
if (test.responseHeaders)
req.url +=
"&responseHeaders=" + escape(JSON.stringify(test.responseHeaders));
if (test.exposeHeaders)
req.url +=
"&exposeHeaders=" + escape(test.exposeHeaders);
if (test.preflightBody)
req.url +=
"&preflightBody=" + escape(test.preflightBody);
loaderWindow.postMessage(JSON.stringify(req), origin);
res = JSON.parse(yield);
}
// Test cookie behavior
tests = [{ pass: 1,
method:
"GET" ,
withCred: 1,
allowCred: 1,
},
{ pass: 0,
method:
"GET" ,
withCred: 1,
allowCred: 0,
},
{ pass: 0,
method:
"GET" ,
withCred: 1,
allowCred: 1,
origin:
"*" ,
},
{ pass: 1,
method:
"GET" ,
withCred: 0,
allowCred: 1,
origin:
"*" ,
},
{ pass: 1,
method:
"GET" ,
setCookie:
"a=1" ,
withCred: 1,
allowCred: 1,
},
{ pass: 1,
method:
"GET" ,
cookie:
"a=1" ,
withCred: 1,
allowCred: 1,
},
{ pass: 1,
method:
"GET" ,
noCookie: 1,
withCred: 0,
allowCred: 1,
},
{ pass: 0,
method:
"GET" ,
noCookie: 1,
withCred: 1,
allowCred: 1,
},
{ pass: 1,
method:
"GET" ,
setCookie:
"a=2" ,
withCred: 0,
allowCred: 1,
},
{ pass: 1,
method:
"GET" ,
cookie:
"a=1" ,
withCred: 1,
allowCred: 1,
},
{ pass: 1,
method:
"GET" ,
setCookie:
"a=2" ,
withCred: 1,
allowCred: 1,
},
{ pass: 1,
method:
"GET" ,
cookie:
"a=2" ,
withCred: 1,
allowCred: 1,
},
];
if (!runCookieTests) {
tests = [];
}
for (test of tests) {
req = {
url: baseURL +
"allowOrigin=" + escape(test.origin || origin),
method: test.method,
headers: test.headers,
withCred: test.withCred,
};
if (test.allowCred)
req.url +=
"&allowCred" ;
if (test.setCookie)
req.url +=
"&setCookie=" + escape(test.setCookie);
if (test.cookie)
req.url +=
"&cookie=" + escape(test.cookie);
if (test.noCookie)
req.url +=
"&noCookie" ;
if (
"allowHeaders" in test)
req.url +=
"&allowHeaders=" + escape(test.allowHeaders);
if (
"allowMethods" in test)
req.url +=
"&allowMethods=" + escape(test.allowMethods);
loaderWindow.postMessage(JSON.stringify(req), origin);
res = JSON.parse(yield);
}
// Make sure to clear cookies to avoid affecting other tests
document.cookie =
"a=; path=/; expires=Thu, 01-Jan-1970 00:00:01 GMT"
// Test redirects
tests = [{ pass: 1,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://example.org " ,
allowOrigin: origin
},
],
},
{ pass: 1,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://example.org " ,
allowOrigin:
"*"
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://example.org " ,
},
],
},
{ pass: 1,
method:
"GET" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://example.org " ,
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://test2.example.org:8000 " ,
allowOrigin: origin
},
{ server:
"http://sub2.xn--lt-uia.example.org " ,
allowOrigin: origin
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://test2.example.org:8000 " ,
allowOrigin: origin
},
{ server:
"http://sub2.xn--lt-uia.example.org " ,
allowOrigin:
"*"
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin:
"*"
},
],
},
{ pass: 1,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://test2.example.org:8000 " ,
allowOrigin:
"*"
},
{ server:
"http://sub2.xn--lt-uia.example.org " ,
allowOrigin:
"*"
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin:
"*"
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://test2.example.org:8000 " ,
allowOrigin: origin
},
{ server:
"http://sub2.xn--lt-uia.example.org " ,
allowOrigin:
"x"
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://test2.example.org:8000 " ,
allowOrigin: origin
},
{ server:
"http://sub2.xn--lt-uia.example.org " ,
allowOrigin:
"*"
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin
},
],
},
{ pass: 0,
method:
"GET" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin
},
{ server:
"http://test2.example.org:8000 " ,
allowOrigin: origin
},
{ server:
"http://sub2.xn--lt-uia.example.org " ,
allowOrigin:
"*"
},
{ server:
"http://sub1.test1.example.org " ,
},
],
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" },
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
},
],
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
{ server:
"http://example.org " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
noAllowPreflight: 1,
},
],
},
{ pass: 1,
method:
"DELETE" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
],
},
{ pass: 0,
method:
"DELETE" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
],
},
{ pass: 0,
method:
"DELETE" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
],
},
{ pass: 0,
method:
"DELETE" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
{ server:
"http://example.org " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
},
],
},
{ pass: 0,
method:
"DELETE" ,
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowMethods:
"DELETE" ,
noAllowPreflight: 1,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.com " ,
allowOrigin: origin,
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin,
},
],
},
{ pass: 0,
method:
"DELETE" ,
hops: [{ server:
"http://example.com " ,
allowOrigin: origin,
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.com " ,
},
{ server:
"http://sub1.test1.example.org " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
],
},
{ pass: 1,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" },
hops: [{ server:
"http://example.org " ,
},
{ server:
"http://example.com " ,
allowOrigin: origin,
},
],
},
{ pass: 0,
method:
"POST" ,
body :
"hi there" ,
headers: {
"Content-Type" :
"text/plain" ,
"my-header" :
"myValue" ,
},
hops: [{ server:
"http://example.com " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
{ server:
"http://example.org " ,
allowOrigin: origin,
allowHeaders:
"my-header" ,
},
],
},
// test redirects with different credentials settings
{
// Initialize by setting a cookies for same- and cross- origins.
pass: 1,
method:
"GET" ,
hops: [{ server: origin,
setCookie: escape(
"a=1" ),
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowCred: 1,
setCookie: escape(
"a=2" ),
},
],
withCred: 1,
},
{ pass: 1,
method:
"GET" ,
hops: [{ server: origin,
cookie: escape(
"a=1" ),
},
{ server: origin,
cookie: escape(
"a=1" ),
},
{ server:
"http://example.com " ,
allowOrigin: origin,
noCookie: 1,
},
],
withCred: 0,
},
{ pass: 1,
method:
"GET" ,
hops: [{ server: origin,
cookie: escape(
"a=1" ),
},
{ server: origin,
cookie: escape(
"a=1" ),
},
{ server:
"http://example.com " ,
allowOrigin: origin,
allowCred: 1,
cookie: escape(
"a=2" ),
},
],
withCred: 1,
},
// expected fail because allow-credentials CORS
header is not set
{ pass: 0,
method:
"GET" ,
hops: [{ server: origin,
cookie: escape(
"a=1" ),
},
{ server: origin,
cookie: escape(
"a=1" ),
},
{ server:
"http://example.com " ,
allowOrigin: origin,
cookie: escape(
"a=2" ),
},
],
withCred: 1,
},
{ pass: 1,
method:
"GET" ,
hops: [{ server: origin,
cookie: escape(
"a=1" ),
},
{ server: origin,
cookie: escape(
"a=1" ),
},
{ server:
"http://example.com " ,
allowOrigin:
'*' ,
noCookie: 1,
},
],
withCred: 0,
},
{ pass: 0,
method:
"GET" ,
hops: [{ server: origin,
cookie: escape(
"a=1" ),
},
{ server: origin,
cookie: escape(
"a=1" ),
},
{ server:
"http://example.com " ,
allowOrigin:
'*' ,
allowCred: 1,
cookie: escape(
"a=2" ),
},
],
withCred: 1,
},
];
if (!runRedirectTests) {
tests = [];
}
for (test of tests) {
req = {
url: test.hops[0].server + basePath +
"hop=1&hops=" +
escape(JSON.stringify(test.hops)),
method: test.method,
headers: test.headers,
body : test.
body ,
withCred: test.withCred,
};
if (test.pass) {
if (test.
body )
req.url +=
"&body=" + escape(test.
body );
}
loaderWindow.postMessage(JSON.stringify(req), origin);
res = JSON.parse(yield);
}
document.location.href +=
"#finished" ;
}
</
script >
</
pre >
</
body >
</
html >
Messung V0.5 C=93 H=90 G=91
¤ Dauer der Verarbeitung: 0.31 Sekunden
(vorverarbeitet)
¤ *© Formatika GbR, Deutschland
