Bug 1495313 - Fix xhr/fetch tests to allow passwords with no username in URLs r=baku
authorValentin Gosu <valentin.gosu@gmail.com>
Wed, 14 Nov 2018 19:11:02 +0000
changeset 446410 db95e3b861f457a442352ab1e42c451cf3dccb66
parent 446409 ef6d81f0b2989624a9918ec5d790dc2745db20ef
child 446411 37f1746501a43f65e92168f2ead91f8acd318271
push id35041
push useraiakab@mozilla.com
push dateThu, 15 Nov 2018 09:52:43 +0000
treeherdermozilla-central@48720735b142 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1495313
milestone65.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1495313 - Fix xhr/fetch tests to allow passwords with no username in URLs r=baku Differential Revision: https://phabricator.services.mozilla.com/D11255
dom/security/test/cors/file_CrossSiteXHR_inner.html
dom/security/test/cors/test_CrossSiteXHR.html
dom/tests/mochitest/fetch/test_fetch_cors.js
--- a/dom/security/test/cors/file_CrossSiteXHR_inner.html
+++ b/dom/security/test/cors/file_CrossSiteXHR_inner.html
@@ -83,17 +83,17 @@ window.addEventListener("message", funct
   if (req.body)
     sendData = req.body;
 
   res.events.push("opening");
   // Allow passign in falsy usernames/passwords so we can test them
   try {
     xhr.open(req.method, req.url, true,
              ("username" in req) ? req.username : "",
-             ("password" in req) ? req.password : "aa");
+             ("password" in req) ? req.password : "");
   } catch (ex) {
     res.didFail = true;
     post(e, res);
   }
 
   for (header in req.headers) {
     xhr.setRequestHeader(header, req.headers[header]);
   }
--- a/dom/security/test/cors/test_CrossSiteXHR.html
+++ b/dom/security/test/cors/test_CrossSiteXHR.html
@@ -78,19 +78,17 @@ function* runTest() {
                // nonempty username
                { pass: 0,
                  method: "GET",
                  noAllowPreflight: 1,
                  username: "user",
                },
 
                // nonempty password
-               // XXXbz this passes for now, because we ignore passwords
-               // without usernames in most cases.
-               { pass: 1,
+               { pass: 0,
                  method: "GET",
                  noAllowPreflight: 1,
                  password: "password",
                },
 
                // Default allowed headers
                { pass: 1,
                  method: "GET",
@@ -757,17 +755,17 @@ function* runTest() {
         "should have failed in test for " + test.toSource());
       is(res.status, 0, "wrong status in test for " + test.toSource());
       is(res.statusText, "", "wrong status text for " + test.toSource());
       is(res.responseXML, null,
          "wrong responseXML in test for " + test.toSource());
       is(res.responseText, "",
          "wrong responseText in test for " + test.toSource());
       if (!res.sendThrew) {
-        if (test.username) {
+        if (test.username || test.password) {
           is(res.events.join(","),
              "opening,rs1,sending,loadstart,rs4,error,loadend",
              "wrong events in test for " + test.toSource());
         } else {
           is(res.events.join(","),
              "opening,rs1,sending,loadstart,rs2,rs4,error,loadend",
              "wrong events in test for " + test.toSource());
         }
--- a/dom/tests/mochitest/fetch/test_fetch_cors.js
+++ b/dom/tests/mochitest/fetch/test_fetch_cors.js
@@ -175,19 +175,17 @@ function testModeCors() {
                // nonempty username
                { pass: 0,
                  method: "GET",
                  noAllowPreflight: 1,
                  username: "user",
                },
 
                // nonempty password
-               // XXXbz this passes for now, because we ignore passwords
-               // without usernames in most cases.
-               { pass: 1,
+               { pass: 0,
                  method: "GET",
                  noAllowPreflight: 1,
                  password: "password",
                },
 
                // Default allowed headers
                { pass: 1,
                  method: "GET",