90 lines
2.2 KiB
HTML
90 lines
2.2 KiB
HTML
<html>
|
|
<script>
|
|
function testInvalidMethod() {
|
|
var result = 'FAILURE';
|
|
|
|
var req = new XMLHttpRequest();
|
|
|
|
try {
|
|
req.open('test\r\nfoobar', window.location, true)
|
|
} catch (e) {
|
|
if (e.code == DOMException.SYNTAX_ERR)
|
|
result = 'SUCCESS';
|
|
}
|
|
|
|
debug('testInvalidMethod: ' + result);
|
|
}
|
|
|
|
function testInvalidHeaderName() {
|
|
var result = 'FAILURE';
|
|
|
|
var req = new XMLHttpRequest();
|
|
req.open('GET', window.location, true)
|
|
|
|
try {
|
|
req.setRequestHeader("host:", "example.com");
|
|
} catch (e) {
|
|
if (e.code == DOMException.SYNTAX_ERR)
|
|
result = 'SUCCESS';
|
|
}
|
|
|
|
debug('testInvalidHeaderName: ' + result);
|
|
}
|
|
|
|
function testInvalidHeaderValues() {
|
|
var result = 'FAILURE';
|
|
var successCount = 0;
|
|
|
|
var req = new XMLHttpRequest();
|
|
req.open('GET', window.location, true)
|
|
|
|
try {
|
|
req.setRequestHeader("X-Hack", "Test\r\nHost: www.example.com\r\n\r\nGET / HTTP/1.1");
|
|
} catch (e) {
|
|
if (e.code == DOMException.SYNTAX_ERR)
|
|
successCount++;
|
|
}
|
|
|
|
try {
|
|
req.setRequestHeader("X-Hack", "Test\nHost: www.example.com\n\nGET / HTTP/1.1");
|
|
} catch (e) {
|
|
if (e.code == DOMException.SYNTAX_ERR)
|
|
successCount++;
|
|
}
|
|
|
|
try {
|
|
req.setRequestHeader("X-Hack", "Test\rHost: www.example.com\r\rGET / HTTP/1.1");
|
|
} catch (e) {
|
|
if (e.code == DOMException.SYNTAX_ERR)
|
|
successCount++;
|
|
}
|
|
|
|
if (successCount == 3)
|
|
result = 'SUCCESS';
|
|
|
|
debug('testInvalidHeaderValues: ' + result);
|
|
}
|
|
|
|
function debug(str) {
|
|
var console = document.getElementById('console');
|
|
var li = document.createElement('li');
|
|
li.appendChild(document.createTextNode(str));
|
|
console.appendChild(li);
|
|
}
|
|
|
|
function runTest() {
|
|
if (window.testRunner)
|
|
testRunner.dumpAsText();
|
|
|
|
testInvalidMethod();
|
|
testInvalidHeaderName();
|
|
testInvalidHeaderValues();
|
|
}
|
|
</script>
|
|
<body onload="runTest()">
|
|
This tests that setting invalid header names, values and using an invalid method causes XMLHttpRequest to throw the appropriate exceptions.
|
|
</body>
|
|
<ul id="console">
|
|
</ul>
|
|
</html>
|