| CONSOLE ERROR: Access to script at 'http://localhost:8000/security/resources/localScript.js' (redirected from 'http://localhost:8000/security/resources/cors-redirect.php?mode=use-credentials&url=http://localhost:8000/security/resources/localScript.js') from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. |
| CONSOLE ERROR: Access to script at 'http://127.0.0.1:8000/security/resources/script-allow-credentials.php' (redirected from 'http://localhost:8000/security/resources/cors-redirect.php?mode=use-credentials&url=http://127.0.0.1:8000/security/resources/script-allow-credentials.php') from origin 'null' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://127.0.0.1:8000' that is not equal to the supplied origin. |
| CONSOLE ERROR: Access to script at 'http://localhost:8000/security/resources/script-allow-star.php' (redirected from 'http://localhost:8000/security/resources/cors-redirect.php?mode=use-credentials&url=http://localhost:8000/security/resources/script-allow-star.php') from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. |
| CONSOLE ERROR: Access to script at 'http://127.0.0.1:8000/security/resources/script-allow-star.php' (redirected from 'http://localhost:8000/security/resources/cors-redirect.php?mode=use-credentials&url=http://127.0.0.1:8000/security/resources/script-allow-star.php') from origin 'null' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. |
| Testing the handling of CORS-enabled script fetch in the presence of 'credentialled' redirects. |
| |
| On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". |
| |
| PASS/FAIL descriptions are of the form, 'CORS request type': 'redirect CORS type' => 'resource' |
| |
| |
| PASS: Anonymous request: credentialled => no-CORS script resource. |
| PASS: Anonymous request: credentialled => anonymous CORS script resource (same origin.) |
| PASS: Anonymous request: credentialled => anonymous CORS script resource (cross origin.) |
| PASS: Credentialled request: credentialled => credentialled-CORS script resource (same origin.) |
| PASS: Credentialled request: credentialled => credentialled-CORS script resource (cross origin.) |
| PASS: Credentialled request: credentialled => anonymous-CORS script resource (same origin.) |
| PASS: Credentialled request: credentialled => anonymous-CORS script resource (cross origin.) |
| PASS successfullyParsed is true |
| |
| TEST COMPLETE |
| |