1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="connect-src http://example.com">
</head>
<body>
<script src="../../resources/js-test.js"></script>
<script>
description("This tests that exceptions thrown by XHR.open() have reasonable messages.");
var xhrException;
try {
var xhr = new XMLHttpRequest();
xhr.open("TRACE", "http://example.com/");
testFailed("xhr.open should throw an exception with a forbidden method type.");
} catch (e) {
xhrException = e;
shouldBeEqualToString("xhrException.message", "Failed to execute 'open' on 'XMLHttpRequest': 'TRACE' HTTP method is unsupported.");
}
try {
var xhr = new XMLHttpRequest();
xhr.open("GET", "http://not.example.com/");
testFailed("xhr.open to a URL blocked by CSP should throw an exception.");
} catch (e) {
xhrException = e;
shouldBeEqualToString("xhrException.message", "Failed to execute 'open' on 'XMLHttpRequest': Refused to connect to 'http://not.example.com/' because it violates the document's Content Security Policy.");
}
var badString = { toString: function() { throw "Exception in toString()"; } };
var xhr = new XMLHttpRequest();
shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT");
shouldThrow("xhr.open('GET', 'resources/xmlhttprequest-get-data.xml', true, badString, 'password');", "'Exception in toString()'");
shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT");
shouldThrow("xhr.open('GET', 'resources/xmlhttprequest-get-data.xml', true, 'username', badString);", "'Exception in toString()'");
shouldBe("xhr.readyState", "XMLHttpRequest.UNSENT");
</script>
</body>
</html>
|
