[Webkit-unassigned] [Bug 35920] Test for referer information being stripped when the header is removed in willSendRequest
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 9 07:38:32 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=35920
Jeremy Orlow <jorlow at chromium.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #50303|1 |0
is obsolete| |
--- Comment #8 from Jeremy Orlow <jorlow at chromium.org> 2010-03-09 07:38:32 PST ---
(From update of attachment 50303)
> diff --git a/LayoutTests/http/tests/security/no-referer.html b/LayoutTests/http/tests/security/no-referer.html
> new file mode 100644
> index 0000000..31e1625
> --- /dev/null
> +++ b/LayoutTests/http/tests/security/no-referer.html
> @@ -0,0 +1,9 @@
> +<script>
> +if (window.layoutTestController) {
> + layoutTestController.waitUntilDone();
> + layoutTestController.dumpAsText();
> + layoutTestController.setWillSendRequestClearHeader("Referer");
> +}
> +</script>
> +<div id=log></div>
> +<iframe src="http://127.0.0.1:8000/security/resources/no-referer-frame.php"></iframe>
> diff --git a/LayoutTests/http/tests/security/resources/no-referer-frame.php b/LayoutTests/http/tests/security/resources/no-referer-frame.php
Does this have to be done with an iframe? Is it the normal way to do it?
> new file mode 100644
> index 0000000..f00b9bb
> --- /dev/null
> +++ b/LayoutTests/http/tests/security/resources/no-referer-frame.php
> @@ -0,0 +1,39 @@
> +<script>
> +function log(message)
> +{
> + parent.document.getElementById("log").innerHTML += message + "<br>";
> +}
> +
> +if (document.referrer.toString() != "") {
> + log("JavaScript: FAIL");
> +} else {
> + log("JavaScript: PASS");
> +}
No {}'s
I don't know enough about DRT to r+ this, but it looks pretty solid to me.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list