Porting access-control-basic-allow-preflight-cache-invalidation-by-header from LayoutTest to WPT Bug: 745385 Change-Id: Ib8964b1cc3f35713e7d5e90a7cefb6e0b6f286ef Reviewed-on: https://chromium-review.googlesource.com/601811 Commit-Queue: Austin James Ahlstrom <aahlstrom@google.com> Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org> Reviewed-by: Yutaka Hirano <yhirano@chromium.org> WPT-Export-Revision: a616e5d3ae6622a6516f414e57c050344be51b9b

commit: c5fd271b9a1bbb0e07591ea6b4cba3158496633e [log] [tgz]
author: aahlstrom@google.com <aahlstrom@google.com> Wed Aug 09 22:58:18 2017
committer: Blink WPT Bot <blink-w3c-test-autoroller@chromium.org> Thu Aug 10 01:07:39 2017
tree: e82c8afedd663b4ac2add6528212dcf4b265eb8a
parent: abe14b5c80bd59f188a6f115a7bf376262444548 [diff]
diff --git a/XMLHttpRequest/access-control-basic-allow-preflight-cache-invalidation-by-header.htm b/XMLHttpRequest/access-control-basic-allow-preflight-cache-invalidation-by-header.htm new file mode 100644 index 0000000..5a1e396 --- /dev/null +++ b/XMLHttpRequest/access-control-basic-allow-preflight-cache-invalidation-by-header.htm 
@@ -0,0 +1,48 @@ +<!DOCTYPE html> +<html> + <head> + <title>Preflight cache should be invalidated in presence of custom header</title> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/common/get-host-info.sub.js"></script> + <script src="/common/utils.js"></script> + </head> + <body> + <script type="text/javascript"> + const uuid = token(); + const xhr = new XMLHttpRequest; + + async_test(function(test) { + xhr.onerror = test.unreached_func("FAIL: Network error."); + xhr.onload = test.step_func(function() { + // Token reset. We can start the test now. + assert_equals(xhr.responseText, "PASS"); + firstRequest(); + }); + + xhr.open("GET", get_host_info().HTTP_REMOTE_ORIGIN + "/XMLHttpRequest/resources/reset-token.py?token=" + uuid, true); + xhr.send(); + + function firstRequest() { + xhr.onload = test.step_func(function() { + assert_equals(xhr.responseText, "PASS: First PUT request."); + secondRequest(); + }); + xhr.open("PUT", get_host_info().HTTP_REMOTE_ORIGIN + "/XMLHttpRequest/resources/access-control-basic-preflight-cache-invalidation.py?token=" + uuid, true); + xhr.send(); + } + + function secondRequest() { + xhr.onload = test.step_func(function() { + assert_equals(xhr.responseText, "PASS: Second OPTIONS request was sent."); + test.done(); + }); + // Send a header not included in the inital cache. + xhr.open("PUT", get_host_info().HTTP_REMOTE_ORIGIN + "/XMLHttpRequest/resources/access-control-basic-preflight-cache-invalidation.py?token=" + uuid, true); + xhr.setRequestHeader("x-test", "headerValue"); + xhr.send(); + } + }, "Preflight cache should be invalidated in presence of custom header"); + </script> + </body> +</html> 
diff --git a/XMLHttpRequest/resources/access-control-basic-preflight-cache-invalidation.py b/XMLHttpRequest/resources/access-control-basic-preflight-cache-invalidation.py new file mode 100644 index 0000000..6dc8a2a --- /dev/null +++ b/XMLHttpRequest/resources/access-control-basic-preflight-cache-invalidation.py 
@@ -0,0 +1,47 @@ +def main(request, response): + def fail(message): + response.content = "FAIL " + request.method + ": " + str(message) + + def getState(token): + server_state = request.server.stash.take(token) + if not server_state: + return "Uninitialized" + return server_state + + def setState(state, token): + request.server.stash.put(token, state) + + response.headers.set("Access-Control-Allow-Origin", request.headers.get("origin")) + response.headers.set("Access-Control-Allow-Credentials", "true") + token = request.GET.first("token", None) + state = getState(token) + + if state == "Uninitialized": + if request.method == "OPTIONS": + response.headers.set("Access-Control-Allow-Methods", "PUT") + response.headers.set("Access-Control-Max-Age", 10) + setState("OPTIONSSent", token) + else: + fail(state) + elif state == "OPTIONSSent": + if request.method == "PUT": + response.content = "PASS: First PUT request." + setState("FirstPUTSent", token) + else: + fail(state) + elif state == "FirstPUTSent": + if request.method == "OPTIONS": + response.headers.set("Access-Control-Allow-Methods", "PUT, XMETHOD") + response.headers.set("Access-Control-Allow-Headers", "x-test") + setState("SecondOPTIONSSent", token) + elif request.method == "PUT": + fail("Second PUT request sent without preflight") + else: + fail(state) + elif state == "SecondOPTIONSSent": + if request.method == "PUT" or request.method == "XMETHOD": + response.content = "PASS: Second OPTIONS request was sent." + else: + fail(state) + else: + fail(state) 
diff --git a/XMLHttpRequest/resources/reset-token.py b/XMLHttpRequest/resources/reset-token.py new file mode 100644 index 0000000..5c9a577 --- /dev/null +++ b/XMLHttpRequest/resources/reset-token.py 
@@ -0,0 +1,5 @@ +def main(request, response): + response.headers.set("Access-Control-Allow-Origin", request.headers.get("origin")) + token = request.GET["token"] + request.server.stash.put(token, "") + response.content = "PASS"
commit	c5fd271b9a1bbb0e07591ea6b4cba3158496633e	[log] [tgz]
author	aahlstrom@google.com <aahlstrom@google.com>	Wed Aug 09 22:58:18 2017
committer	Blink WPT Bot <blink-w3c-test-autoroller@chromium.org>	Thu Aug 10 01:07:39 2017
tree	e82c8afedd663b4ac2add6528212dcf4b265eb8a
parent	abe14b5c80bd59f188a6f115a7bf376262444548 [diff]