browser_default_credentialless_fetch.js (1396B)
1 /* Any copyright is dedicated to the Public Domain. 2 https://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 "use strict"; 5 6 const RESOURCE_URL = 7 getRootDirectory(gTestPath).replace( 8 "chrome://mochitests/content", 9 "https://example.com" 10 ) + "store_header.sjs"; 11 12 add_task(async function test_fetch_defaults_to_credentialless() { 13 // Ensure cookie is set up: 14 let expiry = Date.now() + 1000 * 24 * 60 * 60; 15 const cv = Services.cookies.add( 16 "example.com", 17 "/", 18 "foo", 19 "bar", 20 false, 21 false, 22 false, 23 expiry, 24 {}, 25 Ci.nsICookie.SAMESITE_UNSET, 26 Ci.nsICookie.SCHEME_HTTPS 27 ); 28 is(cv.result, Ci.nsICookieValidation.eOK, "Valid cookie"); 29 30 // Explicitly send cookie header by using `same-origin` in the init dict, to 31 // ensure cookies are stored correctly and can be sent. 32 await fetch(RESOURCE_URL + "?checkheader", { credentials: "same-origin" }); 33 34 Assert.equal( 35 await fetch(RESOURCE_URL + "?getstate").then(r => r.text()), 36 "hasCookie", 37 "Should have cookie when explicitly passing credentials info in 'checkheader' request." 38 ); 39 40 // Check the default behaviour. 41 await fetch(RESOURCE_URL + "?checkheader"); 42 Assert.equal( 43 await fetch(RESOURCE_URL + "?getstate").then(r => r.text()), 44 "noCookie", 45 "Should not have cookie in the default case (no explicit credentials mode) for chrome privileged requests." 46 ); 47 });