--- a/tests/cors/submitted/opera/js/basic.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,55 +0,0 @@
-<!DOCTYPE html>
-<html>
- <head>
- <title>XMLHttpRequest: Basic CORS</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="support.js"></script>
- </head>
- <body>
- <p>This shouldn't be tested inside a tunnel.</p>
- <div id="log"></div>
- <script>
-
- var crossdomain = "http://" + SUBDOMAIN + "." + location.hostname
-
-
- /*
- * Basic usage
- */
-
- test(function() {
- var client = new XMLHttpRequest()
- client.open('GET', 'resources/cors-headers.php', false)
- client.send(null)
-
- assert_equals(client.response, 'TEST')
- }, 'same domain basic usage')
-
- test(function() {
- var client = new XMLHttpRequest()
- client.open('GET', CROSSDOMAIN + 'resources/cors-headers.php', false)
- client.send(null)
-
- assert_equals(client.response, 'TEST')
- }, 'crossdomain basic usage')
-
- test(function() {
- var client = new XMLHttpRequest()
- client.open('GET', 'http://' + location.hostname + ":" + PORT + dirname(location.pathname) + 'resources/cors-headers.php', false)
- client.send(null)
-
- assert_equals(client.response, 'TEST')
- }, 'same domain different port')
-
- test(function() {
- var client = new XMLHttpRequest()
- client.open('GET', 'http://' + SUBDOMAIN + '.' + location.hostname + ':' + PORT + dirname(location.pathname) + 'resources/cors-headers.php', false)
- client.send(null)
-
- assert_equals(client.response, 'TEST')
- }, 'crossdomain different port')
-
- </script>
- </body>
-</html>
--- a/tests/cors/submitted/opera/js/errors-async.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,58 +0,0 @@
-<!DOCTYPE html>
-<html>
- <head>
- <title>XMLHttpRequest: CORS - errors (async)</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="support.js"></script>
- </head>
- <body>
- <p>This shouldn't be tested inside a tunnel.</p>
- <div id="log"></div>
- <script>
-
- /*
- * Error checking
- */
-
- ;(function() {
- var test = async_test('CORS fail async, getting onerror')
- test.step(function() {
- var xhr = new XMLHttpRequest()
- xhr.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?origin=none', true)
- xhr.onerror = test.step_func(function(e) {
- assert_equals(xhr.readyState, xhr.DONE, "readyState")
- assert_equals(xhr.status, 0, "status")
- test.done()
- })
- xhr.onload = test.step_func(function(e) {
- assert_unreached("should never get a response")
- })
- xhr.send()
- })
- })();
-
- ;(function() {
- var test = async_test('CORS fail async, 1: onreadystatechange, 2: onerror')
- test.step(function() {
- var xhr = new XMLHttpRequest(),
- passed = false
- xhr.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?origin=none', true)
- xhr.onreadystatechange = test.step_func(function(e) {
- if (xhr.readyState > xhr.OPENED)
- assert_equals(xhr.status, 0, "status")
-
- if (xhr.readyState == xhr.DONE)
- passed = true
- })
- xhr.onerror = test.step_func(function(e) {
- assert_true(passed, 'readystate DONE should be done first')
- test.done()
- })
- xhr.send()
- })
- })();
-
- </script>
- </body>
-</html>
--- a/tests/cors/submitted/opera/js/origin.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,85 +0,0 @@
-<!DOCTYPE html>
-<html>
- <head>
- <title>XMLHttpRequest: CORS - Access-Control-Allow-Origin, various</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="support.js"></script>
- </head>
- <body>
- <p>This shouldn't be tested inside a tunnel.</p>
- <div id="log"></div>
- <script>
-
- /*
- * Origin header
- */
- function shouldPass(origin) {
- test(function () {
- var client = new XMLHttpRequest()
- client.open('GET', CROSSDOMAIN
- + '/resources/cors-makeheader.php?origin='
- + encodeURIComponent(origin),
- false)
- client.send()
- r = JSON.parse(client.response)
- var host = location.protocol + "//" + location.host
- assert_equals(r['origin'], host, 'Request Origin: should be ' + host)
- }, 'Allow origin: ' + origin.replace(/\t/g, "[tab]").replace(/ /g, '_'));
- }
-
- shouldPass('*');
- shouldPass(' * ');
- shouldPass(' *');
- shouldPass(location.protocol + "//" + location.host);
- shouldPass(" "+location.protocol + "//" + location.host);
- shouldPass(" "+location.protocol + "//" + location.host + " ");
- shouldPass(" "+location.protocol + "//" + location.host);
-
-
- function shouldFail(origin) {
- test(function () {
- var client = new XMLHttpRequest()
- client.open('GET', CROSSDOMAIN
- + '/resources/cors-makeheader.php?origin='
- + encodeURIComponent(origin),
- false)
- assert_throws(null, function() { client.send() }, 'send')
- }, 'Allow origin: ' + origin + ' should throw NETWORK_ERR');
- }
-
- shouldFail(location.protocol + "//" + SUBDOMAIN + "." + location.host)
- shouldFail("//" + location.host)
- shouldFail("://" + location.host)
- shouldFail("ftp://" + location.host)
- shouldFail("http:://" + location.host)
- shouldFail("http:/" + location.host)
- shouldFail("http:" + location.host)
- shouldFail(location.host)
- shouldFail(location.protocol + "//" + location.host + "?")
- shouldFail(location.protocol + "//" + location.host + "/")
- shouldFail(location.protocol + "//" + location.host + " /")
- shouldFail(location.protocol + "//" + location.host + "#")
- shouldFail(location.protocol + "//" + location.host + "%23")
- shouldFail(location.protocol + "//" + location.host + ":80")
- shouldFail(location.protocol + "//" + location.host + ", *")
- shouldFail((location.protocol + "//" + location.host).toUpperCase())
- shouldFail(location.protocol.toUpperCase() + "//" + location.host)
- shouldFail("-")
- shouldFail("**")
- shouldFail("* *")
- shouldFail("*" + location.protocol + "//" + "*")
- shouldFail("*" + location.protocol + "//" + location.host)
- shouldFail("* " + location.protocol + "//" + location.host)
- shouldFail("*, " + location.protocol + "//" + location.host)
- shouldFail("null " + location.protocol + "//" + location.host)
- shouldFail('http://example.net')
- shouldFail('null')
- shouldFail('')
- shouldFail(location.href)
- shouldFail(dirname(location.href))
- shouldFail(CROSSDOMAIN)
-
- </script>
- </body>
-</html>
--- a/tests/cors/submitted/opera/js/redirect-preflight.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,64 +0,0 @@
-<!DOCTYPE html>
-<html>
- <head>
- <title>XMLHttpRequest: CORS - redirect with preflight</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="support.js"></script>
- </head>
- <body>
- <p>This shouldn't be tested inside a tunnel.</p>
- <div id="log"></div>
- <script>
-
- var req_c = 0 // Request count for cache busting and easy identifying of request in traffic analyzer
-
- /*
- * Redirection with preflights
- */
-
- function redir_preflight(code) {
- test(function() {
- var client = new XMLHttpRequest(),
- redirect = CROSSDOMAIN + 'resources/cors-makeheader.php?headers=x-test&' + req_c++
-
- client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?'
- + 'headers=x-test&location=' + encodeURIComponent(redirect)
- + '&code=' + code + '&preflight=' + code + '&' + req_c++,
- false)
- client.setRequestHeader('x-test', 'test')
- assert_throws(null, function() { client.send(null) });
-
- },
- 'Redirect ' + code + ' on preflight')
- }
- redir_preflight(301)
- redir_preflight(302)
- redir_preflight(303)
- redir_preflight(307)
-
- /* Even thought the preflight was allowed (200), CORS should not follow
- a subsequent redirect */
- function redir_after_preflight(code) {
- test(function() {
- var client = new XMLHttpRequest(),
- redirect = CROSSDOMAIN + 'resources/cors-makeheader.php?headers=x-test&' + req_c++
-
- client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?'
- + 'preflight=200&headers=x-test&location='
- + encodeURIComponent(redirect) + '&code=' + code + '&' + req_c++,
- false)
- client.setRequestHeader('x-test', 'test')
- assert_throws(null, function() { client.send(null) });
-
- },
- 'Redirect ' + code + ' after succesful (200) preflight')
- }
- redir_after_preflight(301)
- redir_after_preflight(302)
- redir_after_preflight(303)
- redir_after_preflight(307)
-
- </script>
- </body>
-</html>
--- a/tests/cors/submitted/opera/js/status-async.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,101 +0,0 @@
-<!doctype html>
-<html>
- <head>
- <title>XMLHttpRequest: CORS - status (async)</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="support.js"></script>
- </head>
- <body>
- <p>This shouldn't be tested inside a tunnel.</p>
- <div id="log"></div>
- <script>
-
- function statusRequest(method, code, text, content, type) {
- var test = async_test("Status on " + method + " " + code)
- test.step(function() {
- var client = new XMLHttpRequest()
- client.open(method, CROSSDOMAIN + "resources/status.php?code="
- + code + "&text=" + text + "&content=" + content + "&type=" + type, true)
- client.onreadystatechange = test.step_func(function() {
- if (client.readyState != client.DONE)
- return
- assert_equals(client.status, code, 'response status')
- assert_equals(client.statusText, text, 'response status text')
- assert_equals(client.getResponseHeader("X-Request-Method"), method, 'method')
- if(method != "HEAD") {
- if(type == "text/xml") {
- assert_equals(client.responseXML.documentElement.localName, "x", 'responseXML')
- }
- assert_equals(client.response, content, 'response content')
- }
- test.done()
- })
- client.send(null)
- })
- }
-
- /* method code text content type */
- statusRequest("GET", 200, 'OK', 'Not today.', '')
- statusRequest("POST", 200, 'OK', '<x>402<\/x>', 'text/xml')
- statusRequest("HEAD", 200, 'OK', 'Nice!', 'text/doesnotmatter')
- statusRequest("PUT", 200, 'OK', '400', 'text/plain')
- statusRequest("CHICKEN", 200, 'OK', 'bah', '')
-
-
- function statusRequestFail(method, code, expect_code, nonsimple) {
- var test = async_test("Status on " + method + " " + code + ((nonsimple===true)?' (nonsimple)':''))
- if (expect_code === undefined)
- expect_code = code
-
- test.step(function() {
- var client = new XMLHttpRequest()
-
- client.open(method, CROSSDOMAIN + "resources/status.php?code="
- + code + '&headers=x-nonsimple&text=OHAI', true)
-
- if (nonsimple === true)
- client.setRequestHeader('x-nonsimple', true)
-
- client.onreadystatechange = test.step_func(function() {
- if (client.readyState < client.HEADERS_RECIEVED)
- return
- assert_equals(client.response, "", "response data")
- assert_equals(client.status, expect_code, "response status")
- assert_equals(client.statusText, (expect_code == 0 ? "" : "OHAI"), "response statusText")
- if (client.readyState == client.DONE)
- test.done()
- })
-
- client.onerror = test.step_func(function(e) {
- assert_unreached("Got error event.")
- })
-
- client.send()
- })
- }
-
- /* expect
- method code status */
- statusRequestFail("GET", 204)
- statusRequestFail("GET", 400)
- statusRequestFail("HEAD", 401)
- statusRequestFail("POST", 404)
- statusRequestFail("POST", 500)
-
- /* Preflight response status is not 200, so the algorithm set status to 0. */
- statusRequestFail("PUT", 699, 0)
- statusRequestFail("CHICKEN", 501, 0)
-
- /* "forced"
- preflight */
- statusRequestFail("GET", 204, 0, true)
- statusRequestFail("GET", 400, 0, true)
- statusRequestFail("HEAD", 401, 0, true)
- statusRequestFail("POST", 404, 0, true)
- statusRequestFail("PUT", 699, 0, true)
- statusRequestFail("CHICKEN", 501, 0, true)
-
- </script>
- </body>
-</html>
--- a/tests/cors/submitted/opera/js/status-errors.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,74 +0,0 @@
-<!doctype html>
-<meta charset=utf-8>
-<title>CORS error events</title>
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script src="support.js"></script>
-
-<pre>
- allowed preflight response | status |
- ------- --------- -------- | ------ |
- 1 no x 400 | 0 | fires error
- 2 no 200 x | 0 | fires error
- 3 yes x 400 | 400 |
- 4 yes 200 400 | 400 |
- 5 yes 400 x | 0 | fires error
-</pre>
-
-<div id=log></div>
-
-<script>
-
- var counter = 0
-
- function testit(allow, preflight, response, status) {
- var test = async_test(
- (++counter) + '. ' +
- (allow ? 'CORS allowed' : 'CORS disallowed') +
- (preflight ? ', preflight status '+preflight : '') +
- (response ? ', response status '+response : '') +
- '.'
- )
-
- test.step(function() {
- var client = new XMLHttpRequest()
- client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?' + counter +
- (allow ? '&headers=x-custom': '&origin=none') +
- (response ? '&code='+response : '') +
- (preflight ? '&preflight='+preflight : '')
- )
-
- if (preflight)
- client.setRequestHeader('X-Custom', 'preflight')
-
- client.onload = test.step_func(function() {
- /* Allow wild error events to fire */
- setTimeout(test.step_func(function() {
- if (status != 0)
- test.done()
- }), 10)
- })
-
- client.onerror = test.step_func(function() {
- if (status == 0) {
- assert_equals(client.readyState, client.DONE, 'readyState')
- assert_equals(client.status, 0, 'status')
- test.done()
- }
- else
- assert_unreached("Got unexpected error event.")
- })
-
- client.send()
-
- })
- }
-
- /* allow pref resp status */
- testit(false, null, 400, 0)
- testit(false, 200, null, 0)
- testit(true, null, 400, 400)
- testit(true, 200, 400, 400)
- testit(true, 400, null, 0)
-
-</script>
--- a/tests/cors/submitted/opera/js/status-preflight.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,65 +0,0 @@
-<!doctype html>
-<html>
- <head>
- <title>CORS - status after preflight</title>
- <script src="/resources/testharness.js"></script>
- <script src="/resources/testharnessreport.js"></script>
- <script src="support.js"></script>
- </head>
- <body>
- <p>This shouldn't be tested inside a tunnel.</p>
- <div id="log"></div>
- <script>
- var counter = 0
-
- function statusAfterPreflight(method, code) {
- counter++
- var test = async_test(document.title + " on "
- + method + " " + code)
-
- test.step(function() {
- var client = new XMLHttpRequest()
- client.open(method, CROSSDOMAIN + "resources/status.php?" + counter
- +"&code=" + code + '&headers=x-nonsimple&preflight=200', true)
-
- client.setRequestHeader('x-nonsimple', true)
- client.onreadystatechange = test.step_func(function() {
- assert_equals(client.response, "", "response data")
- assert_equals(client.status, code, "response status")
- if (client.readyState == client.DONE)
- /* Wait for wild error events */
- setTimeout(test.step_func(function() { test.done() }), 10)
- })
-
- client.onerror = test.step_func(function() {
- assert_unreached("Shouldn't throw no error event!")
- })
-
- client.send()
- })
- }
-
- /* method code */
- statusAfterPreflight("GET", 200)
- statusAfterPreflight("GET", 204)
- statusAfterPreflight("GET", 400)
- statusAfterPreflight("GET", 401)
-
- statusAfterPreflight("HEAD", 200)
- statusAfterPreflight("HEAD", 204)
- statusAfterPreflight("HEAD", 400)
- statusAfterPreflight("HEAD", 401)
- statusAfterPreflight("HEAD", 501)
- statusAfterPreflight("HEAD", 699)
-
- statusAfterPreflight("POST", 204)
- statusAfterPreflight("POST", 400)
- statusAfterPreflight("POST", 401)
- statusAfterPreflight("POST", 404)
-
- statusAfterPreflight("PUT", 699)
- statusAfterPreflight("CHICKEN", 501)
-
- </script>
- </body>
-</html>
--- a/tests/cors/submitted/opera/js/status.htm Thu Nov 01 05:42:22 2012 -0400
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,68 +0,0 @@
-<!doctype html>
-<meta charset=utf-8>
-<title>CORS status</title>
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script src="support.js"></script>
-
-<h1>The returned status code in different scenarios</h1>
-
-<pre>
- allowed preflight response | status |
- ------- --------- -------- | ------ |
- 1 no x 400 | 0 |
- 2 no 200 x | 0 |
- 3 yes x 400 | 400 |
- 4 yes 200 400 | 400 |
- 5 yes 400 x | 0 |
-</pre>
-
-<div id=log></div>
-
-<script>
-
- var counter = 0
-
- function testit(allow, preflight, response, status) {
- var test = async_test(
- (++counter) + '. ' +
- (allow ? 'CORS allowed' : 'CORS disallowed') +
- (preflight ? ', preflight status '+preflight : '') +
- (response ? ', response status '+response : '') +
- '.'
- )
-
- test.step(function() {
- var client = new XMLHttpRequest()
- client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?' + counter +
- (allow ? '&headers=x-custom': '&origin=none') +
- (response ? '&code='+response : '') +
- (preflight ? '&preflight='+preflight : '')
- )
-
- if (preflight)
- client.setRequestHeader('X-Custom', 'preflight')
-
- client.onreadystatechange = test.step_func(function(){
- if (client.readyState > client.OPENED)
- assert_equals(client.status, status, "status")
-
- if (client.readyState == client.DONE)
- {
- test.done()
- }
- })
-
- client.send()
-
- })
- }
-
- /* allow pref resp status */
- testit(false, null, 400, 0)
- testit(false, 200, null, 0)
- testit(true, null, 400, 400)
- testit(true, 200, 400, 400)
- testit(true, 400, null, 0)
-
-</script>
--- a/tests/cors/submitted/opera/staging/basic.htm Thu Nov 01 05:42:22 2012 -0400
+++ b/tests/cors/submitted/opera/staging/basic.htm Thu Nov 01 18:22:00 2012 +0100
@@ -1,6 +1,8 @@
<!DOCTYPE html>
<meta charset=utf-8>
<title>Basic CORS</title>
+<meta name=help href=http://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#simple-cross-origin-request-0>
+<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=support.js></script>
@@ -8,11 +10,15 @@
<script>
+var counter = 0;
+
function cors(desc, url) {
async_test(desc).step(function() {
- console.log(url);
var client = new XMLHttpRequest();
- client.open("GET", url + "resources/cors-makeheader.php?get_value=hest_er_best&origin=none");
+ this.count = counter++;
+
+ client.open("GET", url + "resources/cors-makeheader.php?get_value=hest_er_best&origin=none&" + this.count);
+
client.onreadystatechange = this.step_func(function(e) {
// First request, test that it fails with no origin
if (client.readyState < 4) return;
@@ -21,10 +27,11 @@
else
assert_false(!!client.response, "Got CORS-disallowed response");
- client.open("GET", url + "resources/cors-makeheader.php?get_value=hest_er_best");
+ client.open("GET", url + "resources/cors-makeheader.php?get_value=hest_er_best&" + this.count);
client.onreadystatechange = this.step_func(function(e) {
// Second request, test that it passes with the allowed-origin
if (client.readyState < 4) return;
+ console.log(client.response);
assert_true(client.response.indexOf("hest_er_best") != -1, "Got CORS-allowed response");
this.done();
});
--- a/tests/cors/submitted/opera/staging/origin.htm Thu Nov 01 05:42:22 2012 -0400
+++ b/tests/cors/submitted/opera/staging/origin.htm Thu Nov 01 18:22:00 2012 +0100
@@ -1,6 +1,8 @@
<!DOCTYPE html>
<meta charset=utf-8>
<title>Access-Control-Allow-Origin handling</title>
+<meta name=help href=http://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#resource-sharing-check>
+<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=support.js></script>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/opera/staging/redirect-preflight.htm Thu Nov 01 18:22:00 2012 +0100
@@ -0,0 +1,64 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <title>XMLHttpRequest: CORS - redirect with preflight</title>
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src="support.js"></script>
+ </head>
+ <body>
+ <p>This shouldn't be tested inside a tunnel.</p>
+ <div id="log"></div>
+ <script>
+
+ var req_c = 0 // Request count for cache busting and easy identifying of request in traffic analyzer
+
+ /*
+ * Redirection with preflights
+ */
+
+ function redir_preflight(code) {
+ test(function() {
+ var client = new XMLHttpRequest(),
+ redirect = CROSSDOMAIN + 'resources/cors-makeheader.php?headers=x-test&' + req_c++
+
+ client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?'
+ + 'headers=x-test&location=' + encodeURIComponent(redirect)
+ + '&code=' + code + '&preflight=' + code + '&' + req_c++,
+ false)
+ client.setRequestHeader('x-test', 'test')
+ assert_throws(null, function() { client.send(null) });
+
+ },
+ 'Redirect ' + code + ' on preflight')
+ }
+ redir_preflight(301)
+ redir_preflight(302)
+ redir_preflight(303)
+ redir_preflight(307)
+
+ /* Even thought the preflight was allowed (200), CORS should not follow
+ a subsequent redirect */
+ function redir_after_preflight(code) {
+ test(function() {
+ var client = new XMLHttpRequest(),
+ redirect = CROSSDOMAIN + 'resources/cors-makeheader.php?headers=x-test&' + req_c++
+
+ client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?'
+ + 'preflight=200&headers=x-test&location='
+ + encodeURIComponent(redirect) + '&code=' + code + '&' + req_c++,
+ false)
+ client.setRequestHeader('x-test', 'test')
+ assert_throws(null, function() { client.send(null) });
+
+ },
+ 'Redirect ' + code + ' after succesful (200) preflight')
+ }
+ redir_after_preflight(301)
+ redir_after_preflight(302)
+ redir_after_preflight(303)
+ redir_after_preflight(307)
+
+ </script>
+ </body>
+</html>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/opera/staging/resources/status.php Thu Nov 01 18:22:00 2012 +0100
@@ -0,0 +1,40 @@
+<?php
+
+ header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
+ header("Access-Control-Expose-Headers: X-Request-Method");
+ if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS')
+ header("Access-Control-Allow-Methods: GET, CHICKEN, HEAD, POST, PUT");
+ if (isset($_GET['headers']))
+ header("Access-Control-Allow-Headers: {$_GET['headers']}");
+ header("X-Request-Method: " .
+ (isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : ""));
+ header("X-A-C-Request-Method: " .
+ (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_METHOD"])
+ ? $_SERVER["HTTP_ACCESS_CONTROL_REQUEST_METHOD"] : ""));
+
+ // Hack for PHP
+ function stripslashes_recursive($var) {
+ foreach($var as $i => $value)
+ $var[$i] = stripslashes($value);
+ return $var;
+ }
+ if(get_magic_quotes_gpc()) {
+ $_GET = stripslashes_recursive($_GET);
+ }
+
+ // This should reasonably work for most response codes.
+ $code = isset($_GET['code']) && ctype_digit($_GET["code"]) ? $_GET["code"] : "200";
+ $text = isset($_GET["text"]) ? $_GET["text"] : "OMG";
+
+ if (isset($_GET['preflight'])
+ && ctype_digit($_GET['preflight'])
+ && $_SERVER['REQUEST_METHOD'] == 'OPTIONS')
+ $code = $_GET['preflight'];
+
+ header("HTTP/1.1 " . $code . " " . $text);
+
+ if (isset($_GET['type']))
+ header("Content-Type:" . $_GET['type']);
+ if (isset($_GET["content"]))
+ echo $_GET['content'];
+?>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/opera/staging/status-async.htm Thu Nov 01 18:22:00 2012 +0100
@@ -0,0 +1,98 @@
+<!doctype html>
+<title>CORS - status</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=support.js></script>
+
+<div id=log></div>
+<script>
+
+function statusRequest(method, code, text, content, type) {
+ async_test("Status on " + method + " " + code)
+ .step(function() {
+ var client = new XMLHttpRequest()
+ client.open(method, CROSSDOMAIN + "resources/status.php?code="
+ + code + "&text=" + text + "&content=" + content + "&type=" + type, true)
+ client.onreadystatechange = this.step_func(function() {
+ if (client.readyState != client.DONE)
+ return
+
+ assert_equals(client.status, code, 'response status')
+ assert_equals(client.statusText, text, 'response status text')
+ assert_equals(client.getResponseHeader("X-Request-Method"), method, 'method')
+ if(method != "HEAD") {
+ if(type == "text/xml") {
+ assert_equals(client.responseXML.documentElement.localName,
+ "x", 'responseXML')
+ }
+ assert_equals(client.response, content, 'response content')
+ }
+ this.done()
+ })
+
+ client.send(null)
+ })
+}
+
+ /* method code text content type */
+ statusRequest("GET", 200, 'OK', 'Not today.', '')
+ statusRequest("POST", 200, 'OK', '<x>402<\/x>', 'text/xml')
+ statusRequest("HEAD", 200, 'OK', 'Nice!', 'text/doesnotmatter')
+ statusRequest("PUT", 200, 'OK', '400', 'text/plain')
+ statusRequest("CHICKEN", 200, 'OK', 'bah', '')
+
+
+function statusRequestFail(method, code, expect_code, nonsimple) {
+ if (expect_code === undefined)
+ expect_code = code
+
+ async_test("Status on " + method + " " + code + (nonsimple?' (nonsimple)':''))
+ .step(function() {
+ var client = new XMLHttpRequest()
+
+ client.open(method, CROSSDOMAIN + "resources/status.php?code="
+ + code + '&headers=x-nonsimple&text=OHAI', true)
+
+ if (nonsimple)
+ client.setRequestHeader('x-nonsimple', true)
+
+ client.onreadystatechange = this.step_func(function() {
+ if (client.readyState < client.HEADERS_RECIEVED)
+ return
+ assert_equals(client.response, "", "response data")
+ assert_equals(client.status, expect_code, "response status")
+ assert_equals(client.statusText, (expect_code == 0 ? "" : "OHAI"), "response statusText")
+ if (client.readyState == client.DONE)
+ this.done()
+ })
+
+ client.onerror = this.step_func(function(e) {
+ assert_unreached("Got error event.")
+ })
+
+ client.send()
+ })
+}
+
+ /* expect
+ method code status */
+ statusRequestFail("GET", 204)
+ statusRequestFail("GET", 400)
+ statusRequestFail("HEAD", 401)
+ statusRequestFail("POST", 404)
+ statusRequestFail("POST", 500)
+
+ /* Preflight response status is not 200, so the algorithm set status to 0. */
+ statusRequestFail("PUT", 699, 0)
+ statusRequestFail("CHICKEN", 501, 0)
+
+ /* "forced"
+ preflight */
+ statusRequestFail("GET", 204, 0, true)
+ statusRequestFail("GET", 400, 0, true)
+ statusRequestFail("HEAD", 401, 0, true)
+ statusRequestFail("POST", 404, 0, true)
+ statusRequestFail("PUT", 699, 0, true)
+ statusRequestFail("CHICKEN", 501, 0, true)
+
+</script>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/opera/staging/status-preflight.htm Thu Nov 01 18:22:00 2012 +0100
@@ -0,0 +1,57 @@
+<!doctype html>
+<title>CORS - status after preflight</title>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=support.js></script>
+
+<div id=log></div>
+<script>
+var counter = 0
+
+function statusAfterPreflight(method, code) {
+ counter++
+
+ async_test(document.title + " on " + method + " " + code).step(function() {
+ var client = new XMLHttpRequest()
+ client.open(method, CROSSDOMAIN + "resources/status.php?" + counter
+ +"&code=" + code + '&headers=x-nonsimple&preflight=200', true)
+
+ client.setRequestHeader('x-nonsimple', true)
+ client.onreadystatechange = this.step_func(function() {
+ assert_equals(client.response, "", "response data")
+ assert_equals(client.status, code, "response status")
+ if (client.readyState == client.DONE)
+ /* Wait for wild error events */
+ setTimeout(this.step_func(function() { this.done() }), 10)
+ })
+
+ client.onerror = this.step_func(function() {
+ assert_unreached("Shouldn't throw no error event!")
+ })
+
+ client.send()
+ })
+}
+
+/* method code */
+statusAfterPreflight("GET", 200)
+statusAfterPreflight("GET", 204)
+statusAfterPreflight("GET", 400)
+statusAfterPreflight("GET", 401)
+
+statusAfterPreflight("HEAD", 200)
+statusAfterPreflight("HEAD", 204)
+statusAfterPreflight("HEAD", 400)
+statusAfterPreflight("HEAD", 401)
+statusAfterPreflight("HEAD", 501)
+statusAfterPreflight("HEAD", 699)
+
+statusAfterPreflight("POST", 204)
+statusAfterPreflight("POST", 400)
+statusAfterPreflight("POST", 401)
+statusAfterPreflight("POST", 404)
+
+statusAfterPreflight("PUT", 699)
+statusAfterPreflight("CHICKEN", 501)
+
+</script>
--- a/tests/cors/submitted/opera/staging/status.htm Thu Nov 01 05:42:22 2012 -0400
+++ b/tests/cors/submitted/opera/staging/status.htm Thu Nov 01 18:22:00 2012 +0100
@@ -1,38 +1,26 @@
<!doctype html>
<meta charset=utf-8>
<title>CORS status</title>
+<meta name=help href=http://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#cross-origin-request-with-preflight-0>
+<meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="support.js"></script>
<h1>The returned status code in different scenarios</h1>
-<pre>
- allowed preflight response | status |
- ------- --------- -------- | ------ |
- 1 no x 400 | 0 |
- 2 no 200 x | 0 |
- 3 yes x 400 | 400 |
- 4 yes 200 400 | 400 |
- 5 yes 400 x | 0 |
-</pre>
-
-<div id=log></div>
-
<script>
var counter = 0
function testit(allow, preflight, response, status) {
- var test = async_test(
+ async_test(
(++counter) + '. ' +
(allow ? 'CORS allowed' : 'CORS disallowed') +
(preflight ? ', preflight status '+preflight : '') +
(response ? ', response status '+response : '') +
'.'
- )
-
- test.step(function() {
+ ).step(function() {
var client = new XMLHttpRequest()
client.open('GET', CROSSDOMAIN + 'resources/cors-makeheader.php?' + counter +
(allow ? '&headers=x-custom': '&origin=none') +
@@ -43,14 +31,24 @@
if (preflight)
client.setRequestHeader('X-Custom', 'preflight')
- client.onreadystatechange = test.step_func(function(){
- if (client.readyState > client.OPENED)
- assert_equals(client.status, status, "status")
+ client.onload = this.step_func(function() {
+ if (!status)
+ assert_unreached("load event")
- if (client.readyState == client.DONE)
- {
- test.done()
- }
+ /* Allow spurious error events to fire */
+ setTimeout(this.step_func(function() {
+ assert_equals(client.status, status, "status")
+ this.done()
+ }), 10)
+ })
+
+ client.onerror = this.step_func(function() {
+ if (status)
+ assert_unreached("error event")
+
+ assert_equals(client.readyState, client.DONE, 'readyState')
+ assert_equals(client.status, 0, 'status')
+ this.done()
})
client.send()
@@ -66,3 +64,16 @@
testit(true, 400, null, 0)
</script>
+
+<pre>
+ allowed preflight response | status |
+ ------- --------- -------- | ------ |
+ 1 no x 400 | 0 |
+ 2 no 200 x | 0 |
+ 3 yes x 400 | 400 |
+ 4 yes 200 400 | 400 |
+ 5 yes 400 x | 0 |
+</pre>
+
+<div id=log></div>
+