| Austin James Ahlstrom | 4d4ae4b | 2017-08-31 02:25:13 | [diff] [blame] | 1 | <!DOCTYPE html> |
| 2 | <html> |
| 3 | <head> |
| 4 | <title>Tests proper handling of cross-origin async request with credentials</title> |
| 5 | <script src="/resources/testharness.js"></script> |
| 6 | <script src="/resources/testharnessreport.js"></script> |
| 7 | <script src="/common/get-host-info.sub.js"></script> |
| 8 | </head> |
| 9 | <body> |
| 10 | <script type="text/javascript"> |
| 11 | async_test((test) => { |
| 12 | const xhr = new XMLHttpRequest; |
| 13 | |
| 14 | xhr.open("PUT", get_host_info().HTTP_REMOTE_ORIGIN + |
| Philip Jägenstedt | 2cb86af | 2018-01-06 16:35:27 | [diff] [blame] | 15 | "/xhr/resources/access-control-auth-basic.py?uid=fooUser", |
| Austin James Ahlstrom | 4d4ae4b | 2017-08-31 02:25:13 | [diff] [blame] | 16 | true, "fooUser", "barPass"); |
| 17 | xhr.withCredentials = true; |
| 18 | |
| 19 | xhr.onerror = test.unreached_func("Unexpected error."); |
| 20 | |
| 21 | xhr.onload = test.step_func_done(() => { |
| 22 | assert_equals(xhr.status, 401, "Request raises HTTP 401: Unauthorized error."); |
| 23 | }); |
| 24 | |
| 25 | xhr.send(); |
| 26 | }, "CORS async request with URL credentials"); |
| 27 | </script> |
| 28 | </body> |
| 29 | </html> |
