| CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/cross-origin-no-authorization.php. Credentials flag is true, but Access-Control-Allow-Credentials is not "true". |
| CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/cross-origin-no-authorization.php. Credentials flag is true, but Access-Control-Allow-Credentials is not "true". |
| Start |
| Trying different ways to access a password protected resource from another origin. The UA already has login and password for this protection space. |
| |
| You should see several PASS messages followed by a DONE |
| |
| SCRIPT SRC='...' Should succeed, since authorization is sent for cross-origin subresource loads. |
| PASS: Loaded, user test |
| Cross-origin XMLHttpRequest (sync), authorization will not be sent, because withCredentials is false. |
| PASS: 401 Authorization required |
| Cross-origin XMLHttpRequest (sync), testing authorization that's not allowed by the server (withCredentials is true, but access control headers are not set). |
| PASS: Got an exception. Error: NETWORK_ERR: XMLHttpRequest Exception 101 |
| Cross-origin XMLHttpRequest (sync), testing cookies. |
| PASS |
| Cross-origin XMLHttpRequest (async), authorization will not be sent, because withCredentials is false. |
| PASS: 401 Authorization required |
| Cross-origin XMLHttpRequest (async), testing authorization that's not allowed by the server (withCredentials is true, but access control headers are not set). |
| PASS: Received error event. |
| Cross-origin XMLHttpRequest (async), testing cookies. |
| PASS |
| Cross-origin XMLHttpRequest (sync), testing authorization with explicitly provided credentials that should be ignored. |
| PASS: 401 Authorization required |
| Cross-origin XMLHttpRequest (async), testing authorization with explicitly provided credentials that should be ignored. |
| PASS: 401 Authorization required |
| DONE |
| |
