testing/web-platform/tests/signed-exchange/sxg-head-request.tentative.html
author Kunihiko Sakamoto <ksakamoto@chromium.org>
Fri, 30 Nov 2018 18:02:44 +0000
changeset 449801 67220e78c452484ac222132331797052e8a904f9
child 456904 f7427be281e9ce9961142194d93a5b99ef7eb1d7
permissions -rw-r--r--
Bug 1509766 [wpt PR 14226] - Signed Exchange: Disallow HEAD request method, a=testonly Automatic update from web-platform-tests Signed Exchange: Disallow HEAD request method As per the Loading Signed Exchanges spec [1], this patch makes SignedExchangeEnvelope::Parse() fail if the exchange's request method is not "GET". [1] https://wicg.github.io/webpackage/loading.html#parse-cbor-headers Bug: 803774 Change-Id: I4729403f3dae5038bae702b0359e1b98f9a11233 Reviewed-on: https://chromium-review.googlesource.com/c/1350017 Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Reviewed-by: Tsuyoshi Horo <horo@chromium.org> Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Cr-Commit-Position: refs/heads/master@{#610767} -- wpt-commits: 4edb777ed3a216e6be6b8a7c13820a25340017dc wpt-pr: 14226

<!DOCTYPE html>
<title>Loading SignedHTTPExchange with HEAD request method must fail</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="./resources/sxg-util.js"></script>
<body>
<script>
promise_test(async (t) => {
  const sxgUrl = get_host_info().HTTPS_ORIGIN + '/signed-exchange/resources/sxg-head-request.sxg';
  const message = await openSXGInIframeAndWaitForMessage(t, sxgUrl);
  assert_equals(message.location, innerURLOrigin() + '/signed-exchange/resources/inner-url.html');
  assert_true(message.is_fallback);
}, 'Loading SignedHTTPExchange with HEAD request method must fail');

</script>
</body>