tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

simple-requests.htm (3195B)

      1 <!DOCTYPE html>
      2 <meta charset=utf-8>
      3 <title>CORS - simple requests</title>
      4 <meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
      5 
      6 <script src=/resources/testharness.js></script>
      7 <script src=/resources/testharnessreport.js></script>
      8 <script src=support.js?pipe=sub></script>
      9 <script src=/common/utils.js></script>
     10 
     11 <h1>Simple requests</h1>
     12 <p>Simple requests shouldn't trigger preflight</p>
     13 
     14 <div id=log></div>
     15 <script>
     16 
     17 var test_c = 0;
     18 
     19 function check_simple(method, headers)
     20 {
     21    test(function() {
     22        var client = new XMLHttpRequest()
     23        var uuid_token = token();
     24        client.open(method, CROSSDOMAIN + 'resources/preflight.py?token='
     25                            + uuid_token, false)
     26        for (head in headers)
     27            client.setRequestHeader(head, headers[head])
     28        client.send("data")
     29        assert_equals(client.getResponseHeader('content-type'), "text/plain")
     30        if (method == 'HEAD')
     31            assert_equals(client.response, '', 'response')
     32        else
     33            assert_equals(client.response, 'NO', 'response')
     34 
     35        client.open('GET', 'resources/preflight.py?check&token='
     36                          + uuid_token, false)
     37        client.send("data")
     38        assert_equals(client.response, "0", "Found preflight log")
     39    },
     40    'No preflight ' + method + ' and ' + JSON.stringify(headers))
     41 }
     42 
     43 function check_simple_headers(headers) {
     44    check_simple('GET', headers)
     45    check_simple('HEAD', headers)
     46    check_simple('POST', headers)
     47 }
     48 
     49 check_simple_headers({'Accept': 'test'})
     50 check_simple_headers({'accept-language': 'test'})
     51 check_simple_headers({'CONTENT-language': 'test'})
     52 
     53 check_simple_headers({'Content-Type': 'application/x-www-form-urlencoded'})
     54 check_simple_headers({'content-type': 'multipart/form-data'})
     55 check_simple_headers({'content-type': 'text/plain'})
     56 
     57 check_simple_headers({
     58                        'accept': 'test',
     59                        'accept-language': 'test',
     60                        'content-language': 'test',
     61                        'content-type': 'text/plain; parameter=whatever'
     62                     })
     63 
     64 check_simple('Get', {'content-type': 'text/plain; parameter=extra_bonus'})
     65 check_simple('post', {'content-type': 'text/plain'})
     66 
     67 /* Extra async test */
     68 
     69 var simple_async = async_test("Check simple headers (async)")
     70 simple_async.step(function (){
     71    var time = new Date().getTime(),
     72        client = new XMLHttpRequest()
     73    var uuid_token = token();
     74    client.open('POST', CROSSDOMAIN + 'resources/preflight.py?token='
     75                        + uuid_token, true)
     76 
     77    client.setRequestHeader('Accept', 'jewelry')
     78    client.setRequestHeader('accept-language', 'nn-NO,nn,en')
     79    client.setRequestHeader('content-type', 'text/plain; parameter=extra')
     80    client.setRequestHeader('content-Language', 'nn-NO')
     81 
     82    client.onload = simple_async.step_func(function() {
     83        assert_equals(client.getResponseHeader('content-type'), "text/plain", 'content-type response header')
     84        assert_equals(client.response, 'NO', 'response')
     85        simple_async.done()
     86    })
     87    client.onerror = simple_async.step_func(function () { assert_unreached('onerror') })
     88    client.send()
     89 })
     90 </script>