cors-upload.any.js (1478B)
1 // META: title=Cross-Origin POST with preflight and FormData body should send body 2 // META: script=/common/get-host-info.sub.js 3 "use strict"; 4 5 function testCorsFormDataUpload(description, path, method, form, headers, withCredentials) { 6 const test = async_test(description); 7 const client = new XMLHttpRequest(); 8 const url = corsURL(path); 9 10 client.open(method, url, true); 11 client.withCredentials = withCredentials; 12 for (const key of Object.keys(headers)) { 13 client.setRequestHeader(key, headers[key]); 14 } 15 16 client.send(form); 17 18 client.onload = () => { 19 test.step(() => { 20 assert_equals(client.status, 200); 21 assert_regexp_match(client.responseText, /Content-Disposition: form-data/); 22 23 for (const key of form.keys()) { 24 assert_regexp_match(client.responseText, new RegExp(key)); 25 assert_regexp_match(client.responseText, new RegExp(form.get(key))); 26 } 27 }); 28 test.done(); 29 }; 30 } 31 32 function corsURL(path) { 33 const url = new URL(path, location.href); 34 url.hostname = get_host_info().REMOTE_HOST; 35 return url.href; 36 } 37 38 const form = new FormData(); 39 form.append("key", "value"); 40 41 testCorsFormDataUpload( 42 "Cross-Origin POST FormData body but no preflight", 43 "resources/echo-content-cors.py", 44 "POST", 45 form, 46 {}, 47 false 48 ); 49 50 testCorsFormDataUpload( 51 "Cross-Origin POST with preflight and FormData body", 52 "resources/echo-content-cors.py", 53 "POST", 54 form, 55 { 56 Authorization: "Bearer access-token" 57 }, 58 true 59 );