summaryrefslogtreecommitdiff
path: root/dom/tests/mochitest/beacon/test_beaconOriginHeader.html
blob: 4594b7a8b6ef79f19bdd31ed1612803455176b2f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<!DOCTYPE HTML>
<html>
<head>
  <title>Bug 1280692 - navigator.sendBeacon() should not send origin header</title>
  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
  <p id="display"></p>
  <div id="content" style="visibility: hidden">
    <iframe style="width:100%;" id="testframe"></iframe>
  </div>

<script class="testbody" type="text/javascript">

SimpleTest.waitForExplicitFinish();

const BEACON_URL = "http://example.com/tests/dom/tests/mochitest/beacon/beacon-originheader-handler.sjs";
// no origin header should be sent with sendBeacon request;
// server returns any origin-header or 'no-header' if there is no header sent.
const ORIGIN_HEADER = "no-header";

/* Description of the test:
 *   We call sendBeacon() cross origin and make sure that the
 *   origin header is actually *not* set in the request.
 *
 * Since sendBeacon() does not expect any response, we are storing any
 * header on the server (*.sjs) and use an XMLHttpRequest to actually
 * retrieve the potentially set header back from the server. We assert
 * that the header is indeed *not* sent with the request. Since sendBeacon()
 * and also the XMLHttpRequest() are performed in an asynchronous fashion,
 * there is no guarantee that the sendBeacon() is actually executed before
 * the XMLHttpRequest().
 * Hence the xhr-response might be processed asynchronously.
 */

SpecialPowers.pushPrefEnv({'set': [["beacon.enabled", true]]}, runTest);

function queryHeaderFromServer() {
  var xhr = new XMLHttpRequest();
  xhr.open("GET", "beacon-originheader-handler.sjs?queryheader", true);
  xhr.onload = function() {
    is(xhr.responseText, ORIGIN_HEADER, "SendBeacon should not send origin header");
    SimpleTest.finish();
  };
  xhr.onerror = function() {
    ok(false, "xhr request returned error");
    SimpleTest.finish();
  };
  xhr.send();
}

function runTest() {
  // generate data and send beacon
  var formData = new FormData();
  formData.append('name', 'value');
  navigator.sendBeacon(BEACON_URL, formData);

  // start quering the result from the server
  queryHeaderFromServer();
}

</script>
</pre>
</body>
</html>