--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/bhill2/origin-null.htm Sat Apr 13 16:15:26 2013 -0700
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<title>Access-Control-Allow-Origin handling</title>
+<meta name=help href=http://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#resource-sharing-check>
+<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
+
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=support.js></script>
+
+<h1>Access-Control-Allow-Origin handling</h1>
+
+<div id=log></div>
+
+<script>
+
+/*
+ * Origin header
+ */
+function shouldFail(origin) {
+ test(function () {
+ var client = new XMLHttpRequest()
+ client.open('GET', CROSSDOMAIN
+ + '/resources/cors-makeheader.php?origin='
+ + encodeURIComponent(origin),
+ false)
+ assert_throws(null, function() { client.send() }, 'send')
+ }, 'Disallow origin: ' + origin.replace(/\0/g, "\\0"));
+}
+
+shouldFail(location.protocol + "//" + location.host + "\0")
+</script>