blob: fe7f44a6598aa348aaef81dd90e9c4e0a9f57352 [file] [log] [blame]
<html>
<body>
<pre id='console'></pre>
<script type="text/javascript">
function log(message)
{
document.getElementById('console').appendChild(document.createTextNode(message + "\n"));
}
if (window.testRunner)
testRunner.dumpAsText();
(function() {
var xhr = new XMLHttpRequest();
try {
xhr.open("GET", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.py?test=access-control-preflight-sync-method-denied&state=reset", false);
xhr.send(null);
} catch(e) {
log("FAIL: Unable to reset server state: [" + e.message + "].");
return;
}
xhr = new XMLHttpRequest();
try {
xhr.open("DELETE", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.py?test=access-control-preflight-sync-method-denied&state=method", false);
} catch(e) {
log("FAIL: Exception thrown. Cross-domain access is not allowed in first 'open'. [" + e.message + "].");
return;
}
try {
xhr.send(null);
log("FAIL: Cross-domain access allowed in first send without throwing an exception");
return;
} catch(e) {
// Eat the exception.
}
xhr = new XMLHttpRequest();
try {
xhr.open("GET", "http://localhost:8000/xmlhttprequest/resources/access-control-preflight-denied-xsrf.py?test=access-control-preflight-sync-method-denied&state=complete", false);
} catch(e) {
log("FAIL: Exception thrown. Cross-domain access is not allowed in second 'open'. [" + e.message + "].");
return;
}
try {
xhr.send(null);
} catch(e) {
log("FAIL: Exception thrown. Cross-domain access is not allowed in second 'send'. [" + e.message + "].");
return;
}
log(xhr.responseText);
})();
</script>
</body>
</html>