src/third_party/web_platform_tests/XMLHttpRequest/open-method-insecure.htm - cobalt - Git at Google

 <!DOCTYPE html>
 <html>
   <head>
     <title>XMLHttpRequest: open() - "insecure" methods</title>
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <link rel="help" href="https://xhr.spec.whatwg.org/#the-open()-method" data-tested-assertations="following::ol/li[5] following::ol/li[6]" />
   </head>
   <body>
     <div id="log"></div>
     <script>
       function method(method) {
         test(function() {
           var client = new XMLHttpRequest()
           assert_throws("SecurityError", function() { client.open(method, "...") })
         }, document.title + " (" + method + ")")
       }
       method("track")
       method("TRACK")
       method("trAck")
       method("TRACE")
       method("trace")
       method("traCE")
       method("connect")
       method("CONNECT")
       method("connECT")
     </script>
   </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<title>XMLHttpRequest: open() - "insecure" methods</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<link rel="help" href="https://xhr.spec.whatwg.org/#the-open()-method" data-tested-assertations="following::ol/li[5] following::ol/li[6]" />
	</head>
	<body>
	<div id="log"></div>
	<script>
	function method(method) {
	test(function() {
	var client = new XMLHttpRequest()
	assert_throws("SecurityError", function() { client.open(method, "...") })
	}, document.title + " (" + method + ")")
	}
	method("track")
	method("TRACK")
	method("trAck")
	method("TRACE")
	method("trace")
	method("traCE")
	method("connect")
	method("CONNECT")
	method("connECT")
	</script>
	</body>
	</html>