blob: 943fb9495ee35e3cf677af6fc40ed7ee3c057cee [file] [log] [blame]
<!doctype html>
<title>XMLHttpRequest: send() with document.domain set</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<!-- The spec doesn't seem to explicitly cover this case (as of June 2013) -->
<link rel="help" href="" data-tested-assertations="following::ol[1]/li[2]/ol[1]/li[3]" />
<div id="log"></div>
// first make sure we actually run off a domain with at least three parts, in order to be able to shorten it..
if (location.hostname.split(/\./).length < 3) {
location.href = location.protocol+'//www2.'
test(function() {
document.domain = document.domain // this is not a noop, it does actually change the security context
var client = new XMLHttpRequest()"GET", "resources/", false)
assert_equals(client.responseText, "hello")
document.domain = document.domain.replace(/^\w+\./, '')"GET", "resources/", false)
assert_equals(client.responseText, "hello2")
}, "loading documents from original origin after setting document.domain")
// try to load a document from the origin document.domain was set to
test(function () {
var client = new XMLHttpRequest()"GET", location.protocol + '//' + document.domain + location.pathname.replace(/[^\/]*$/, '') + "resources/", false)
// AFAIK this should throw
assert_throws('NetworkError', function(){client.send(null)})
}, "loading documents from the origin document.domain was set to should throw")