| <html> |
| <body> |
| <pre id='console'></pre> |
| <script type="text/javascript"> |
| function log(message) |
| { |
| document.getElementById('console').appendChild(document.createTextNode(message + "\n")); |
| } |
| |
| if (window.testRunner) |
| testRunner.dumpAsText(); |
| |
| (function() { |
| var xhr = new XMLHttpRequest; |
| |
| try { |
| xhr.open("PUT", "http://localhost:8000/xmlhttprequest/resources/access-control-basic-non-get-allow.cgi", false); |
| } catch(e) { |
| log("FAIL: Exception thrown. PUT cross-domain access is not allowed in 'open'. [" + e.message + "]."); |
| return; |
| } |
| |
| xhr.setRequestHeader("Content-Type", "text/plain"); |
| |
| try { |
| xhr.send("PASS: PUT data received"); |
| } catch(e) { |
| log("FAIL: Exception thrown. PUT cross-domain access is not allowed in 'send'. [" + e.message + "]."); |
| return; |
| } |
| |
| try { |
| xhr.open("PUT", "http://localhost:8000/xmlhttprequest/resources/access-control-basic-non-get-allow.cgi", false); |
| } catch(e) { |
| log("FAIL: Exception thrown. GET cross-domain access is not allowed in 'open'. [" + e.message + "]."); |
| return; |
| } |
| |
| xhr.setRequestHeader("Content-Type", "application/xml"); |
| |
| try { |
| xhr.send("FAIL: PUT data received"); |
| log("FAIL: Exception not thrown. Cross-domain access was allowed, even though content type was not on white list."); |
| log(xhr.responseText); |
| } catch(e) { |
| log("PASS: Exception thrown. Cross-domain access is not allowed in 'send'. [" + e.message + "]."); |
| return; |
| } |
| })(); |
| </script> |
| </body> |
| </html> |