tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

send-authentication-competing-names-passwords.htm (2404B)

      1 <!doctype html>
      2 <html>
      3  <head>
      4    <title>XMLHttpRequest: send() - "Basic" authenticated requests with competing user name/password options</title>
      5    <script src="/resources/testharness.js"></script>
      6    <script src="/resources/testharnessreport.js"></script>
      7    <script src="/common/utils.js"></script>
      8  </head>
      9  <body>
     10    <div id="log"></div>
     11    <script>
     12      function request(user1, pass1, user2, pass2, name) {
     13        test(function() {
     14          const client = new XMLHttpRequest(),
     15                userwin = user2 || user1,
     16                passwin = pass2 || pass1;
     17          let urlstart = "";
     18          if (user1 || pass1) {
     19            urlstart = "http://";
     20            if (user1) {
     21              urlstart += user1;
     22            }
     23            if (pass1) {
     24              urlstart += ":" + pass1;
     25            }
     26            urlstart += "@" + location.host + location.pathname.replace(/\/[^\/]*$/, '/');
     27          }
     28          client.open("GET", urlstart + "resources/authentication.py", false, user2, pass2);
     29          client.setRequestHeader("x-user", userwin);
     30          client.send(null);
     31          assert_equals(client.responseText, ((userwin||'') + "\n" + (passwin||'')), 'responseText should contain the right user and password');
     32        }, "XMLHttpRequest user/pass options: " + name);
     33      }
     34      // Cannot have just a password
     35      request(null, null, token(), null, "user in open()");
     36      request(null, null, token(), token(), "user/pass in open()");
     37      request(null, null, token(), token(), "another user/pass in open(); must override cached credentials from previous test");
     38      request(null, token(), token(), null, "pass in URL, user in open()");
     39      request(null, token(), token(), token(), "pass in URL, user/pass in open()");
     40      request(token(), null, null, null, "user in URL");
     41      request(token(), null, null, token(), "user in URL, pass in open()");
     42      request(token(), token(), null, null, "user/pass in URL");
     43      request(token(), null, token(), null, "user in URL and open()");
     44      request(token(), null, token(), token(), "user in URL; user/pass in open()");
     45      request(token(), token(), token(), null, "user/pass in URL; user in open()");
     46      request(token(), token(), null, token(), "user/pass in URL; pass in open()");
     47      request(token(), token(), token(), token(), "user/pass in URL and open()");
     48    </script>
     49  </body>
     50 </html>