blob: 5cf9c6b0eecc685ff0478e37b998abde37fcada3 [file] [log] [blame]
CONSOLE MESSAGE: Credentials flag is true, but Access-Control-Allow-Credentials is not "true".
CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/cross-origin-no-authorization.py due to access control checks.
CONSOLE MESSAGE: Credentials flag is true, but Access-Control-Allow-Credentials is not "true".
CONSOLE MESSAGE: XMLHttpRequest cannot load http://localhost:8000/xmlhttprequest/resources/cross-origin-no-authorization.py due to access control checks.
Start
Trying different ways to access a password protected resource from another origin. The UA already has login and password for this protection space.
You should see several PASS messages followed by a DONE
SCRIPT SRC='...' Should succeed, since authorization is sent for cross-origin subresource loads.
PASS: Loaded, user test
Cross-origin XMLHttpRequest (sync), authorization will not be sent, because withCredentials is false.
PASS: 401 Authorization required
Cross-origin XMLHttpRequest (sync), testing authorization that's not allowed by the server (withCredentials is true, but access control headers are not set).
PASS: Got an exception. NetworkError: A network error occurred.
Cross-origin XMLHttpRequest (sync), testing cookies.
PASS
Cross-origin XMLHttpRequest (async), authorization will not be sent, because withCredentials is false.
PASS: 401 Authorization required
Cross-origin XMLHttpRequest (async), testing authorization that's not allowed by the server (withCredentials is true, but access control headers are not set).
PASS: Received error event.
Cross-origin XMLHttpRequest (async), testing cookies.
PASS
Cross-origin XMLHttpRequest (sync), testing authorization with explicitly provided credentials that should be ignored.
PASS: 401 Authorization required
Cross-origin XMLHttpRequest (async), testing authorization with explicitly provided credentials that should be ignored.
PASS: 401 Authorization required
DONE