diff options
Diffstat (limited to 'testing/web-platform/tests/XMLHttpRequest/anonymous-mode-unsupported.htm')
-rw-r--r-- | testing/web-platform/tests/XMLHttpRequest/anonymous-mode-unsupported.htm | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/testing/web-platform/tests/XMLHttpRequest/anonymous-mode-unsupported.htm b/testing/web-platform/tests/XMLHttpRequest/anonymous-mode-unsupported.htm new file mode 100644 index 000000000..9cacf61b7 --- /dev/null +++ b/testing/web-platform/tests/XMLHttpRequest/anonymous-mode-unsupported.htm @@ -0,0 +1,40 @@ +<!doctype html> +<html> + <head> + <title>XMLHttpRequest: anonymous mode unsupported</title> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + </head> + <body> + <div id="log"></div> + <script> + /* + Older versions of the XMLHttpRequest spec had an 'anonymous' mode + The point of this mode was to handle same-origin requests like other-origin requests, + i.e. require preflight, drop authentication data (cookies and HTTP auth) + Also the Origin: and Referer: headers would not be sent + + This mode was dropped due to lack of implementations and interest, + and this test is here just to assert failure if any implementation + supports this based on an older spec version. + */ + document.cookie = 'test=anonymous-mode-unsupported' + test = async_test(); + test.add_cleanup(function(){ + // make sure we clean up the cookie again to avoid confusing other tests.. + document.cookie = 'test=;expires=Fri, 28 Feb 2014 07:25:59 GMT'; + }) + test.step(function() { + var client = new XMLHttpRequest({anonymous:true}) + client.open("GET", "resources/inspect-headers.py?filter_name=cookie") + client.onreadystatechange = test.step_func(function(){ + if(client.readyState === 4){ + assert_equals(client.responseText, 'cookie: test=anonymous-mode-unsupported\n', 'The deprecated anonymous:true should be ignored, cookie sent anyway') + test.done(); + } + }); + client.send(null) + }) + </script> + </body> +</html> |