summaryrefslogtreecommitdiffstats
path: root/dom/security/test/cors/file_CrossSiteXHR_inner.html
blob: 9268f0ed70f31145a52a948af043fee9fc4ced33 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<!DOCTYPE HTML>
<!--
  NOTE! The content of this file is duplicated in file_CrossSiteXHR_inner.jar
  and file_CrossSiteXHR_inner_data.sjs
  Please update those files if you update this one.
-->

<html>
<head>
<script>
function trimString(stringValue) {
  return stringValue.replace(/^\s+|\s+$/g, '');
};

window.addEventListener("message", function(e) {

  sendData = null;

  req = eval(e.data);
  var res = {
    didFail: false,
    events: [],
    progressEvents: 0,
    status: 0,
    responseText: "",
    statusText: "",
    responseXML: null,
    sendThrew: false
  };
  
  var xhr = new XMLHttpRequest();
  for (type of ["load", "abort", "error", "loadstart", "loadend"]) {
    xhr.addEventListener(type, function(e) {
      res.events.push(e.type);
    }, false);
  }
  xhr.addEventListener("readystatechange", function(e) {
    res.events.push("rs" + xhr.readyState);
  }, false);
  xhr.addEventListener("progress", function(e) {
    res.progressEvents++;
  }, false);
  if (req.uploadProgress) {
    xhr.upload.addEventListener(req.uploadProgress, function(e) {
      res.progressEvents++;
    }, false);
  }
  xhr.onerror = function(e) {
    res.didFail = true;
  };
  xhr.onloadend = function (event) {
    res.status = xhr.status;
    try {
      res.statusText = xhr.statusText;
    } catch (e) {
      delete(res.statusText);
    }
    res.responseXML = xhr.responseXML ?
      (new XMLSerializer()).serializeToString(xhr.responseXML) :
      null;
    res.responseText = xhr.responseText;

    res.responseHeaders = {};
    for (responseHeader in req.responseHeaders) {
      res.responseHeaders[responseHeader] =
        xhr.getResponseHeader(responseHeader);
    }
    res.allResponseHeaders = {};
    var splitHeaders = xhr.getAllResponseHeaders().split("\r\n");
    for (var i = 0; i < splitHeaders.length; i++) {
      var headerValuePair = splitHeaders[i].split(":");
        if(headerValuePair[1] != null) {
          var headerName = trimString(headerValuePair[0]);
          var headerValue = trimString(headerValuePair[1]);
          res.allResponseHeaders[headerName] = headerValue;
        }
    }
    post(e, res);
  }

  if (req.withCred)
    xhr.withCredentials = true;
  if (req.body)
    sendData = req.body;

  res.events.push("opening");
  // Allow passign in falsy usernames/passwords so we can test them
  try {
    xhr.open(req.method, req.url, true,
             ("username" in req) ? req.username : "",
             ("password" in req) ? req.password : "aa");
  } catch (ex) {
    res.didFail = true;
    post(e, res);
  }

  for (header in req.headers) {
    xhr.setRequestHeader(header, req.headers[header]);
  }

  res.events.push("sending");
  try {
    xhr.send(sendData);
  } catch (ex) {
    res.didFail = true;
    res.sendThrew = true;
    post(e, res);
  }

}, false);

function post(e, res) {
  e.source.postMessage(res.toSource(), "http://mochi.test:8888");
}

</script>
</head>
<body>
Inner page
</body>
</html>