Skip to main content

Browse the archive

https://github.com/web-platform-tests/wpt
26 December 2018, 22:31:15 UTC
Raw File
Tip revision: 34dfe32379a4e905b318f825fd6eab4c96bfc8c4 authored by Luke Bjerring on 11 May 2018, 19:30:08 UTC
Merge branch 'master' into idlharness-dependencies
Tip revision: 34dfe32
eventsource-cross-origin.htm 
<!DOCTYPE html>
<html>
  <head>
    <meta charset=utf-8>
    <title>EventSource: cross-origin</title>
    <meta name=author title="Odin Hørthe Omdal" href="mailto:odiho@opera.com">
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
  </head>
  <body>
    <div id="log"></div>
    <script>
      const crossdomain = location.href.replace('://', '://élève.').replace(/\/[^\/]*$/, '/'),
            origin = location.origin.replace('://', '://xn--lve-6lad.');


      function doCORS(url, title) {
        async_test(document.title + " " + title).step(function() {
          var source = new EventSource(url, { withCredentials: true })
          source.onmessage = this.step_func_done(e => {
            assert_equals(e.data, "data");
            assert_equals(e.origin, origin);
            source.close();
          })
        })
      }

      doCORS(crossdomain + "resources/cors.py?run=message",
        "basic use")
      doCORS(crossdomain + "resources/cors.py?run=redirect&location=/eventsource/resources/cors.py?run=message",
        "redirect use")
      doCORS(crossdomain + "resources/cors.py?run=status-reconnect&status=200",
        "redirect use recon")

      function failCORS(url, title) {
        async_test(document.title + " " + title).step(function() {
          var source = new EventSource(url)
          source.onerror = this.step_func(function(e) {
            assert_equals(source.readyState, source.CLOSED, 'readyState')
            assert_false(e.hasOwnProperty('data'))
            source.close()
            this.done()
          })

          /* Shouldn't happen */
          source.onmessage = this.step_func(function(e) {
            assert_unreached("shouldn't fire message event")
          })
          source.onopen = this.step_func(function(e) {
            assert_unreached("shouldn't fire open event")
          })
        })
      }

      failCORS(crossdomain + "resources/cors.py?run=message&origin=http://example.org",
        "allow-origin: http://example.org should fail")
      failCORS(crossdomain + "resources/cors.py?run=message&origin=",
        "allow-origin:'' should fail")
      failCORS(crossdomain + "resources/message.py",
        "No allow-origin should fail")
    </script>
  </body>
</html>
back to top