Bug 1182120 - Test XMLDocument.load() with fetch interception. r=bkelly

2024-09-13 09:24:08 -07:00 · 2015-08-12 06:43:27 +02:00 · 2015-08-12 06:43:27 +02:00 · 6866b9f227
commit 6866b9f227
parent 7af5261b56
2 changed files with 60 additions and 0 deletions
--- a/dom/workers/test/serviceworkers/fetch/index.html
+++ b/dom/workers/test/serviceworkers/fetch/index.html
@ -117,6 +117,33 @@
    my_ok(this.test_result, "iframe load should be intercepted");
  });

+  gExpected++;
+  var xmlDoc = document.implementation.createDocument(null, null, null);
+  xmlDoc.load('load_cross_origin_xml_document_synthetic.xml');
+  xmlDoc.onload = function(evt) {
+    var content = new XMLSerializer().serializeToString(evt.target);
+    my_ok(!content.includes('parsererror'), "Load synthetic cross origin XML Document should be allowed");
+    finish();
+  };
+
+  gExpected++;
+  var xmlDoc = document.implementation.createDocument(null, null, null);
+  xmlDoc.load('load_cross_origin_xml_document_cors.xml');
+  xmlDoc.onload = function(evt) {
+    var content = new XMLSerializer().serializeToString(evt.target);
+    my_ok(!content.includes('parsererror'), "Load CORS cross origin XML Document should be allowed");
+    finish();
+  };
+
+  gExpected++;
+  var xmlDoc = document.implementation.createDocument(null, null, null);
+  xmlDoc.load('load_cross_origin_xml_document_opaque.xml');
+  xmlDoc.onload = function(evt) {
+    var content = new XMLSerializer().serializeToString(evt.target);
+    my_ok(content.includes('parsererror'), "Load opaque cross origin XML Document should not be allowed");
+    finish();
+  };
+
  gExpected++;
  var worker = new Worker('nonexistent_worker_script.js');
  worker.onmessage = function(e) {
--- a/dom/workers/test/serviceworkers/fetch_event_worker.js
+++ b/dom/workers/test/serviceworkers/fetch_event_worker.js
@ -235,4 +235,37 @@ onfetch = function(ev) {
    // fetch was initiated from a SW.
    ev.respondWith(fetch('redirect_serviceworker.sjs'));
  }
+
+  else if (ev.request.url.includes('load_cross_origin_xml_document_synthetic.xml')) {
+    if (ev.request.mode != 'same-origin') {
+      ev.respondWith(Promise.reject());
+      return;
+    }
+
+    ev.respondWith(Promise.resolve(
+      new Response("<response>body</response>", { headers: {'Content-Type': 'text/xtml'}})
+    ));
+  }
+
+  else if (ev.request.url.includes('load_cross_origin_xml_document_cors.xml')) {
+    if (ev.request.mode != 'same-origin') {
+      ev.respondWith(Promise.reject());
+      return;
+    }
+
+    var url = 'http://example.com/tests/dom/security/test/cors/file_CrossSiteXHR_server.sjs?status=200&allowOrigin=*';
+    ev.respondWith(fetch(url, { mode: 'cors' }));
+  }
+
+  else if (ev.request.url.includes('load_cross_origin_xml_document_opaque.xml')) {
+    if (ev.request.mode != 'same-origin') {
+      Promise.resolve(
+        new Response("<error>Invalid Request mode</error>", { headers: {'Content-Type': 'text/xtml'}})
+      );
+      return;
+    }
+
+    var url = 'http://example.com/tests/dom/security/test/cors/file_CrossSiteXHR_server.sjs?status=200';
+    ev.respondWith(fetch(url, { mode: 'no-cors' }));
+  }
 };