third_party/blink/web_tests/external/wpt/xhr/send-authentication-competing-names-passwords.htm - chromium/src - Git at Google

 <!doctype html>
 <html>
   <head>
     <title>XMLHttpRequest: send() - "Basic" authenticated requests with competing user name/password options</title>
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/utils.js"></script>
   </head>
   <body>
     <div id="log"></div>
     <script>
       function request(user1, pass1, user2, pass2, name) {
         test(function() {
           const client = new XMLHttpRequest(),
                 userwin = user2 || user1,
                 passwin = pass2 || pass1;
           let urlstart = "";
           if (user1 || pass1) {
             urlstart = "http://";
             if (user1) {
               urlstart += user1;
             }
             if (pass1) {
               urlstart += ":" + pass1;
             }
             urlstart += "@" + location.host + location.pathname.replace(/\/[^\/]*$/, '/');
           }
           client.open("GET", urlstart + "resources/authentication.py", false, user2, pass2);
           client.setRequestHeader("x-user", userwin);
           client.send(null);
           assert_equals(client.responseText, ((userwin||'') + "\n" + (passwin||'')), 'responseText should contain the right user and password');
         }, "XMLHttpRequest user/pass options: " + name);
       }
       // Cannot have just a password
       request(null, null, token(), null, "user in open()");
       request(null, null, token(), token(), "user/pass in open()");
       request(null, null, token(), token(), "another user/pass in open(); must override cached credentials from previous test");
       request(null, token(), token(), null, "pass in URL, user in open()");
       request(null, token(), token(), token(), "pass in URL, user/pass in open()");
       request(token(), null, null, null, "user in URL");
       request(token(), null, null, token(), "user in URL, pass in open()");
       request(token(), token(), null, null, "user/pass in URL");
       request(token(), null, token(), null, "user in URL and open()");
       request(token(), null, token(), token(), "user in URL; user/pass in open()");
       request(token(), token(), token(), null, "user/pass in URL; user in open()");
       request(token(), token(), null, token(), "user/pass in URL; pass in open()");
       request(token(), token(), token(), token(), "user/pass in URL and open()");
     </script>
   </body>
 </html>
	<!doctype html>
	<html>
	<head>
	<title>XMLHttpRequest: send() - "Basic" authenticated requests with competing user name/password options</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/common/utils.js"></script>
	</head>
	<body>
	<div id="log"></div>
	<script>
	function request(user1, pass1, user2, pass2, name) {
	test(function() {
	const client = new XMLHttpRequest(),
	userwin = user2 \|\| user1,
	passwin = pass2 \|\| pass1;
	let urlstart = "";
	if (user1 \|\| pass1) {
	urlstart = "http://";
	if (user1) {
	urlstart += user1;
	}
	if (pass1) {
	urlstart += ":" + pass1;
	}
	urlstart += "@" + location.host + location.pathname.replace(/\/[^\/]*$/, '/');
	}
	client.open("GET", urlstart + "resources/authentication.py", false, user2, pass2);
	client.setRequestHeader("x-user", userwin);
	client.send(null);
	assert_equals(client.responseText, ((userwin\|\|'') + "\n" + (passwin\|\|'')), 'responseText should contain the right user and password');
	}, "XMLHttpRequest user/pass options: " + name);
	}
	// Cannot have just a password
	request(null, null, token(), null, "user in open()");
	request(null, null, token(), token(), "user/pass in open()");
	request(null, null, token(), token(), "another user/pass in open(); must override cached credentials from previous test");
	request(null, token(), token(), null, "pass in URL, user in open()");
	request(null, token(), token(), token(), "pass in URL, user/pass in open()");
	request(token(), null, null, null, "user in URL");
	request(token(), null, null, token(), "user in URL, pass in open()");
	request(token(), token(), null, null, "user/pass in URL");
	request(token(), null, token(), null, "user in URL and open()");
	request(token(), null, token(), token(), "user in URL; user/pass in open()");
	request(token(), token(), token(), null, "user/pass in URL; user in open()");
	request(token(), token(), null, token(), "user/pass in URL; pass in open()");
	request(token(), token(), token(), token(), "user/pass in URL and open()");
	</script>
	</body>
	</html>