1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
<!DOCTYPE html>
<html>
<head>
<meta charset=utf-8>
<title>EventSource: cross-origin</title>
<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<div id="log"></div>
<script>
var crossdomain = location.href
.replace('://', '://www2.')
.replace(/\/[^\/]*$/, '/')
function doCORS(url, title) {
async_test(document.title + " " + title).step(function() {
var source = new EventSource(url, { withCredentials: true })
source.onmessage = this.step_func(function(e) {
assert_equals(e.data, "data")
source.close()
this.done()
})
})
}
doCORS(crossdomain + "resources/cors.py?run=message",
"basic use")
doCORS(crossdomain + "resources/cors.py?run=redirect&location=/eventsource/resources/cors.py?run=message",
"redirect use")
doCORS(crossdomain + "resources/cors.py?run=status-reconnect&status=200",
"redirect use recon")
function failCORS(url, title) {
async_test(document.title + " " + title).step(function() {
var source = new EventSource(url)
source.onerror = this.step_func(function(e) {
assert_equals(source.readyState, source.CLOSED, 'readyState')
assert_false(e.hasOwnProperty('data'))
source.close()
this.done()
})
/* Shouldn't happen */
source.onmessage = this.step_func(function(e) {
assert_unreached("shouldn't fire message event")
})
source.onopen = this.step_func(function(e) {
assert_unreached("shouldn't fire open event")
})
})
}
failCORS(crossdomain + "resources/cors.py?run=message&origin=http://example.org",
"allow-origin: http://example.org should fail")
failCORS(crossdomain + "resources/cors.py?run=message&origin=",
"allow-origin:'' should fail")
failCORS(crossdomain + "resources/message.py",
"No allow-origin should fail")
</script>
</body>
</html>
|
