blob: 6e4467e880a375ed39b3e95d48ab721f50efb8ce [file] [log] [blame]
beidson@apple.com29c8b212009-09-14 20:05:30 +00001<html>
2<head>
3<script>
rniwa@webkit.org14a295a2012-06-13 07:49:51 +00004if (window.testRunner) {
5 testRunner.dumpAsText();
6 testRunner.dumpChildFramesAsText();
7 testRunner.setHandlesAuthenticationChallenges(true);
8 testRunner.setAuthenticationUsername("first");
9 testRunner.setAuthenticationPassword("first-pw");
10 testRunner.waitUntilDone();
beidson@apple.com29c8b212009-09-14 20:05:30 +000011}
12
13function firstFrameLoaded()
14{
rniwa@webkit.org14a295a2012-06-13 07:49:51 +000015 if (window.testRunner) {
16 testRunner.setAuthenticationUsername("second");
17 testRunner.setAuthenticationPassword("second-pw");
beidson@apple.com29c8b212009-09-14 20:05:30 +000018 }
19 var frame = document.createElement("iframe");
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000020 frame.setAttribute("src", "http://127.0.0.1:8000/loading/resources/protected-resource.py");
achristensen@apple.com7cd6c5e2017-10-25 21:19:19 +000021 frame.setAttribute("onload", "setTimeout(secondFrameLoaded, 0)");
beidson@apple.com29c8b212009-09-14 20:05:30 +000022 document.body.appendChild(frame);
23}
24
25function secondFrameLoaded()
26{
rniwa@webkit.org14a295a2012-06-13 07:49:51 +000027 if (window.testRunner) {
28 testRunner.setAuthenticationUsername("third");
29 testRunner.setAuthenticationPassword("third-pw");
beidson@apple.com29c8b212009-09-14 20:05:30 +000030 }
31 var frame = document.createElement("iframe");
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000032 frame.setAttribute("src", "http://127.0.0.1:8000/loading/resources/protected-resource.py");
achristensen@apple.com7cd6c5e2017-10-25 21:19:19 +000033 frame.setAttribute("onload", "setTimeout(thirdFrameLoaded, 0)");
beidson@apple.com29c8b212009-09-14 20:05:30 +000034 document.body.appendChild(frame);
35}
36
37function thirdFrameLoaded()
38{
rniwa@webkit.org14a295a2012-06-13 07:49:51 +000039 if (window.testRunner) {
40 testRunner.setAuthenticationUsername("fourth");
41 testRunner.setAuthenticationPassword("fourth-pw");
beidson@apple.com29c8b212009-09-14 20:05:30 +000042 }
43 var frame = document.createElement("iframe");
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000044 frame.setAttribute("src", "http://127.0.0.1:8000/loading/resources/othersubresources/protected-resource.py");
achristensen@apple.com7cd6c5e2017-10-25 21:19:19 +000045 frame.setAttribute("onload", "setTimeout(fourthFrameLoaded, 0)");
beidson@apple.com29c8b212009-09-14 20:05:30 +000046 document.body.appendChild(frame);
47}
48
49function fourthFrameLoaded()
50{
rniwa@webkit.org14a295a2012-06-13 07:49:51 +000051 if (window.testRunner)
52 testRunner.notifyDone();
beidson@apple.com29c8b212009-09-14 20:05:30 +000053}
54
achristensen@apple.com94739c22017-10-16 23:10:00 +000055function makeIFrame() {
56 var iframe = document.createElement("iframe");
achristensen@apple.com7cd6c5e2017-10-25 21:19:19 +000057 iframe.setAttribute("onload", "setTimeout(firstFrameLoaded, 0)");
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000058 iframe.src="resources/subresources/protected-resource.py";
achristensen@apple.com94739c22017-10-16 23:10:00 +000059 document.body.appendChild(iframe);
60}
61
beidson@apple.com29c8b212009-09-14 20:05:30 +000062</script>
63</head>
achristensen@apple.com7cd6c5e2017-10-25 21:19:19 +000064<body onload="setTimeout(makeIFrame, 0)">
beidson@apple.com29c8b212009-09-14 20:05:30 +000065This test makes sure that once an HTTP Basic Auth. protected path is authenticated once, urls that emanate from that path automatically have their credentials sent without a challenge.<br>
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000066The first frame's path is /loading/resources/subresources/protected-resource.py, and we should get a challenge for it.<br>
beidson@apple.com29c8b212009-09-14 20:05:30 +000067It will be authorized with first/first-pw.<br>
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000068The second frame's path is /loading/resources/protected-resource.py, and we should get a challenge for it, because it does not share a common subpath of the previously authorized resource.<br>
beidson@apple.com29c8b212009-09-14 20:05:30 +000069It will be authorized with second/second-pw.<br>
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000070The third frame's path is also /loading/resources/protected-resource.py, and we should *not* get a challenge for it because we authorized to this path for the second frame.<br>
beidson@apple.com29c8b212009-09-14 20:05:30 +000071It will be authorized with second/second-pw.<br>
cgambrell@apple.come86a8b72021-03-01 21:16:20 +000072The fourth frame's path is /loading/resources/othersubresources/protected-resource.py, and we should *not* get a challenge for it, because it has a common subpath with the previously authorized second and third frames.<br>
beidson@apple.com29c8b212009-09-14 20:05:30 +000073It will be authorized with second/second-pw.<br>
beidson@apple.com29c8b212009-09-14 20:05:30 +000074</body>
75</html>