content/base/test/test_XHR_anon.html
author Gregor Wagner <anygregor@gmail.com>
Fri, 17 Aug 2012 17:42:00 -0700
changeset 102691 07d5886658b2a4f48f5325c363512636e5cd4067
parent 96096 57c5763ac3ac9630caa7c5fc30a1626a14c73b7d
child 107903 1f7c4fae49c0d80075e7b0380c4b841a5ed30ab0
permissions -rw-r--r--
Bug 781331 - Hook up systemXHR to permissions manager. r=sicking

<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Test for XMLHttpRequest with system privileges</title>
  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body onload="runTests();">
<p id="display">
<iframe id="loader"></iframe>
</p>
<div id="content" style="display: none">
  
</div>
<pre id="test">
<script class="testbody" type="application/javascript;version=1.8">


function runTests() {
  let tearDown = (function setUp() {
    SimpleTest.waitForExplicitFinish();

    const {classes: Cc, interfaces: Ci} = SpecialPowers.wrap(Components);

    let authMgr = Cc["@mozilla.org/network/http-auth-manager;1"]
                    .getService(Components.interfaces.nsIHttpAuthManager)
    authMgr.setAuthIdentity("http", "example.com", 80, "basic", "testrealm",
                            "", "example.com", "user1", "password1");

    SpecialPowers.addPermission("systemXHR", true, document);

    return function tearDown() {
      authMgr.clearAll();
      SpecialPowers.removePermission("systemXHR", document);
      SimpleTest.finish();
    }
  }());

  // An XHR with the anon flag set will not send cookie and auth information.

  const TEST_URL = "http://example.com/tests/content/base/test/file_XHR_anon.sjs";

  document.cookie = "foo=bar";


  function withoutCredentials() {
    let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    is(xhr.mozAnon, true, "withoutCredentials: .mozAnon == true");
    xhr.open("GET", TEST_URL);
    xhr.onload = function onload() {
      is(xhr.status, 200, "withoutCredentials: " + xhr.responseText);
      withCredentials();
    };
    xhr.onerror = function onerror() {
      ok(false, "Got an error event!");
      tearDown();
    }
    xhr.send();
  }

  function withCredentials() {
    // TODO: this currently does not work as expected, see bug 761479
    let xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    is(xhr.mozAnon, true, "withCredentials: .mozAnon == true");
    xhr.open("GET", TEST_URL + "?expectAuth=true", true,
             "user2name", "pass2word");
    xhr.onload = function onload() {
      todo_is(xhr.status, 200, "withCredentials: " + xhr.responseText);
      let response = JSON.parse(xhr.responseText);
      todo_is(response.authorization, "Basic dXNlcjJuYW1lOnBhc3Myd29yZA==");
      tearDown();
    };
    xhr.onerror = function onerror() {
      ok(false, "Got an error event!");
      tearDown();
    }
    xhr.send();
  }

  withoutCredentials();
}

</script>
</pre>
</body>
</html>