LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/script-crossorigin-network.html - WebKit - Git at Google

 <!doctype html>
 <meta charset="utf-8">
 <title>HTMLScriptElement: crossorigin attribute network test</title>
 <link rel="author" title="KiChjang" href="mailto:kungfukeith11@gmail.com">
 <link rel="help" href="https://html.spec.whatwg.org/multipage/#cors-settings-attribute">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>

 <body>
   <script type="text/javascript">
   var test1 = async_test(document.title + "1");
   var test2 = async_test(document.title + "2");
   var test3 = async_test(document.title + "3");

   var script1 = document.createElement("script");
   script1.src = "resources/cross-origin.py";
   script1.crossOrigin = "use-credentials";
   var script2 = document.createElement("script");
   script2.src = "resources/cross-origin.py";
   script2.crossOrigin = "gibberish";
   var script3 = document.createElement("script");
   script3.src = "resources/cross-origin.py";

   document.cookie = "milk=yes";
   document.body.appendChild(script1);
   script1.onload = function() {
     test1.step(function() {
       assert_true(included, "credentials should be included in script request");
       test1.done();
     });
   };

   document.body.appendChild(script2);
   script2.onload = function() {
     test2.step(function() {
       assert_true(included, "invalid values should default to include credentials due to response tainting");
       test2.done();
     });
   };

   document.body.appendChild(script3);
   script3.onload = function() {
     test3.step(function() {
       assert_true(included, "missing value should default to include credentials");
       test3.done();
     });
   };
   </script>
 </body>
	<!doctype html>
	<meta charset="utf-8">
	<title>HTMLScriptElement: crossorigin attribute network test</title>
	<link rel="author" title="KiChjang" href="mailto:kungfukeith11@gmail.com">
	<link rel="help" href="https://html.spec.whatwg.org/multipage/#cors-settings-attribute">
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>

	<body>
	<script type="text/javascript">
	var test1 = async_test(document.title + "1");
	var test2 = async_test(document.title + "2");
	var test3 = async_test(document.title + "3");

	var script1 = document.createElement("script");
	script1.src = "resources/cross-origin.py";
	script1.crossOrigin = "use-credentials";
	var script2 = document.createElement("script");
	script2.src = "resources/cross-origin.py";
	script2.crossOrigin = "gibberish";
	var script3 = document.createElement("script");
	script3.src = "resources/cross-origin.py";

	document.cookie = "milk=yes";
	document.body.appendChild(script1);
	script1.onload = function() {
	test1.step(function() {
	assert_true(included, "credentials should be included in script request");
	test1.done();
	});
	};

	document.body.appendChild(script2);
	script2.onload = function() {
	test2.step(function() {
	assert_true(included, "invalid values should default to include credentials due to response tainting");
	test2.done();
	});
	};

	document.body.appendChild(script3);
	script3.onload = function() {
	test3.step(function() {
	assert_true(included, "missing value should default to include credentials");
	test3.done();
	});
	};
	</script>
	</body>