| <!DOCTYPE html> |
| <html> |
| <head> |
| <title>XMLHttpRequest: open() - "insecure" methods</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <link rel="help" href="https://xhr.spec.whatwg.org/#the-open()-method" data-tested-assertations="following::ol/li[5] following::ol/li[6]" /> |
| </head> |
| <body> |
| <div id="log"></div> |
| <script> |
| function method(method) { |
| test(function() { |
| var client = new XMLHttpRequest() |
| assert_throws_dom("SecurityError", function() { client.open(method, "...") }) |
| }, document.title + " (" + method + ")") |
| } |
| method("track") |
| method("TRACK") |
| method("trAck") |
| method("TRACE") |
| method("trace") |
| method("traCE") |
| method("connect") |
| method("CONNECT") |
| method("connECT") |
| </script> |
| </body> |
| </html> |