From b0716525e5f0deae8d4045fdfcc41f67390a2d32 Mon Sep 17 00:00:00 2001 From: Anne van Kesteren Date: Fri, 8 Jun 2018 11:28:42 +0200 Subject: [PATCH 1/2] Fetch: basic syntax tests for Cross-Origin-Resource-Policy Supplements #11171. --- .../resources/hello.py | 6 ++++++ .../cross-origin-resource-policy/syntax.any.js | 17 +++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 fetch/cross-origin-resource-policy/resources/hello.py create mode 100644 fetch/cross-origin-resource-policy/syntax.any.js diff --git a/fetch/cross-origin-resource-policy/resources/hello.py b/fetch/cross-origin-resource-policy/resources/hello.py new file mode 100644 index 00000000000000..2b7cb6c6fc9fa9 --- /dev/null +++ b/fetch/cross-origin-resource-policy/resources/hello.py @@ -0,0 +1,6 @@ +def main(request, response): + headers = [("Cross-Origin-Resource-Policy", request.GET['corp'])] + if 'origin' in request.headers: + headers.append(('Access-Control-Allow-Origin', request.headers['origin'])) + + return 200, headers, "hello" diff --git a/fetch/cross-origin-resource-policy/syntax.any.js b/fetch/cross-origin-resource-policy/syntax.any.js new file mode 100644 index 00000000000000..9d97f310ed3ef8 --- /dev/null +++ b/fetch/cross-origin-resource-policy/syntax.any.js @@ -0,0 +1,17 @@ +// META: script=/common/get-host-info.sub.js + +const crossOriginURL = get_host_info().HTTP_REMOTE_ORIGIN + "/fetch/cross-origin-resource-policy/resources/hello.py?corp="; + +[ + "same", + "same, same-origin", + "SAME-ORIGIN", + "Same-Origin", + "same-origin, <>" +].forEach(incorrectHeaderValue => { + // Note: an incorrect value results in a successful load, so this test is only meaningful in + // implementations with support for the header. + promise_test(t => { + return fetch(crossOriginURL + encodeURIComponent(incorrectHeaderValue), { mode: "no-cors" }); + }, "Parsing Cross-Origin-Resource-Policy: " + incorrectHeaderValue); +}); From e65068511f2c3fce10b5d94e68b355d1664743e1 Mon Sep 17 00:00:00 2001 From: Anne van Kesteren Date: Mon, 18 Jun 2018 14:24:48 +0200 Subject: [PATCH 2/2] add one more test --- fetch/cross-origin-resource-policy/syntax.any.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fetch/cross-origin-resource-policy/syntax.any.js b/fetch/cross-origin-resource-policy/syntax.any.js index 9d97f310ed3ef8..cf5b06d5c4f4b6 100644 --- a/fetch/cross-origin-resource-policy/syntax.any.js +++ b/fetch/cross-origin-resource-policy/syntax.any.js @@ -7,7 +7,8 @@ const crossOriginURL = get_host_info().HTTP_REMOTE_ORIGIN + "/fetch/cross-origin "same, same-origin", "SAME-ORIGIN", "Same-Origin", - "same-origin, <>" + "same-origin, <>", + "same-origin, same-origin" ].forEach(incorrectHeaderValue => { // Note: an incorrect value results in a successful load, so this test is only meaningful in // implementations with support for the header.