file_upgrade_insecure_cors.html (1359B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <meta charset="utf-8"> 5 <title>Bug 1139297 - Implement CSP upgrade-insecure-requests directive</title> 6 </head> 7 <body> 8 9 <script type="text/javascript"> 10 // === TEST 1 11 var url1 = "http://test1.example.com/tests/dom/security/test/csp/file_upgrade_insecure_cors_server.sjs?test1"; 12 var xhr1 = new XMLHttpRequest(); 13 xhr1.open("GET", url1, true); 14 xhr1.onload = function() { 15 window.parent.postMessage(xhr1.response, "*"); 16 }; 17 xhr1.onerror = function() { 18 window.parent.postMessage("test1-failed", "*"); 19 }; 20 xhr1.send(); 21 22 // === TEST 2 23 var url2 = "http://test1.example.com/tests/dom/security/test/csp/file_upgrade_insecure_cors_server.sjs?test2"; 24 var xhr2 = new XMLHttpRequest(); 25 xhr2.open("GET", url2, true); 26 xhr2.onload = function() { 27 window.parent.postMessage(xhr2.response, "*"); 28 }; 29 xhr2.onerror = function() { 30 window.parent.postMessage("test2-failed", "*"); 31 }; 32 xhr2.send(); 33 34 // === TEST 3 35 var url3 = "http://test2.example.com/tests/dom/security/test/csp/file_upgrade_insecure_cors_server.sjs?test3"; 36 var xhr3 = new XMLHttpRequest(); 37 xhr3.open("GET", url3, true); 38 xhr3.onload = function() { 39 window.parent.postMessage(xhr3.response, "*"); 40 }; 41 xhr3.onerror = function() { 42 window.parent.postMessage("test3-failed", "*"); 43 }; 44 xhr3.send(); 45 46 </script> 47 48 </body> 49 </html>