client-hint-request-headers.htm (3611B)
1 <!DOCTYPE html> 2 <meta charset=utf-8> 3 <title>CORS and Client Hints</title> 4 5 <script src=/resources/testharness.js></script> 6 <script src=/resources/testharnessreport.js></script> 7 <script src=support.js?pipe=sub></script> 8 9 <h1>Request headers</h1> 10 <div id=log></div> 11 <script> 12 13 test(function() { 14 var client = new XMLHttpRequest() 15 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 16 client.setRequestHeader('x-print', 'unicorn') 17 client.setRequestHeader('y-print', 'unicorn') 18 assert_throws_dom("NetworkError", function() { client.send(null) }) 19 }, 'Unspecified request headers are disallowed') 20 21 test(function() { 22 var client = new XMLHttpRequest() 23 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 24 client.setRequestHeader('device-memory', '') 25 assert_throws_dom("NetworkError", function() { client.send(null) }) 26 }, 'Unextractable device-memory client hint header is disallowed') 27 28 test(function() { 29 var client = new XMLHttpRequest() 30 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 31 client.setRequestHeader('dpr', '') 32 assert_throws_dom("NetworkError", function() { client.send(null) }) 33 }, 'Unextractable DPR client hint header is disallowed') 34 35 test(function() { 36 var client = new XMLHttpRequest() 37 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 38 client.setRequestHeader('width', '') 39 assert_throws_dom("NetworkError", function() { client.send(null) }) 40 }, 'Unextractable width client hint header is disallowed') 41 42 test(function() { 43 var client = new XMLHttpRequest() 44 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 45 client.setRequestHeader('viewport-width', '') 46 assert_throws_dom("NetworkError", function() { client.send(null) }) 47 }, 'Unextractable viewport-width client hint header is disallowed') 48 49 test(function() { 50 var client = new XMLHttpRequest() 51 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 52 client.setRequestHeader('rtt', '') 53 assert_throws_dom("NetworkError", function() { client.send(null) }) 54 client = new XMLHttpRequest() 55 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 56 client.setRequestHeader('rtt', '-1') 57 assert_throws_dom("NetworkError", function() { client.send(null) }) 58 }, 'Test invalid rtt value is disallowed') 59 60 test(function() { 61 var client = new XMLHttpRequest() 62 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 63 client.setRequestHeader('downlink', '') 64 assert_throws_dom("NetworkError", function() { client.send(null) }) 65 client = new XMLHttpRequest() 66 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 67 client.setRequestHeader('downlink', '-1.0') 68 assert_throws_dom("NetworkError", function() { client.send(null) }) 69 }, 'Test invalid downlink value is disallowed') 70 71 test(function() { 72 var client = new XMLHttpRequest() 73 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 74 client.setRequestHeader('ect', '') 75 assert_throws_dom("NetworkError", function() { client.send(null) }) 76 client = new XMLHttpRequest() 77 client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.py?headers=x-print', false) 78 client.setRequestHeader('ect', '6g') 79 assert_throws_dom("NetworkError", function() { client.send(null) }) 80 }, 'Test invalid ect value is disallowed') 81 82 </script>