open-method-insecure.htm (894B)
1 <!DOCTYPE html> 2 <html> 3 <head> 4 <title>XMLHttpRequest: open() - "insecure" methods</title> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 <link rel="help" href="https://xhr.spec.whatwg.org/#the-open()-method" data-tested-assertations="following::ol/li[5] following::ol/li[6]" /> 8 </head> 9 <body> 10 <div id="log"></div> 11 <script> 12 function method(method) { 13 test(function() { 14 var client = new XMLHttpRequest() 15 assert_throws_dom("SecurityError", function() { client.open(method, "...") }) 16 }, document.title + " (" + method + ")") 17 } 18 method("track") 19 method("TRACK") 20 method("trAck") 21 method("TRACE") 22 method("trace") 23 method("traCE") 24 method("connect") 25 method("CONNECT") 26 method("connECT") 27 </script> 28 </body> 29 </html>