| CONSOLE ERROR: Access to Script at 'http://localhost:8000/security/resources/localScript.js' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8000' is therefore not allowed access. |
| CONSOLE ERROR: Redirect from 'http://localhost:8000/security/resources/cors-redirect.php?mode=anonymous&url=http://localhost:8000/security/resources/script-allow-credentials.php' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'http://127.0.0.1:8000' is therefore not allowed access. |
| CONSOLE ERROR: Redirect from 'http://localhost:8000/security/resources/cors-redirect.php?mode=anonymous&url=http://127.0.0.1:8000/security/resources/script-allow-credentials.php' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'http://127.0.0.1:8000' is therefore not allowed access. |
| Testing the handling of CORS-enabled script fetch in the presence of 'anonymous' redirects. |
| |
| On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE". |
| |
| |
| PASS/FAIL descriptions are of the form, 'CORS request type': 'redirect CORS type' => 'resource' |
| |
| PASS: Anonymous request: anonymous => no-CORS script resource. |
| PASS: Anonymous request: anonymous => anonymous-CORS script resource. |
| PASS: Credentialled request: anonymous => credentialled script resource (same origin.) |
| PASS: Credentialled request: anonymous => credentialled script resource (cross origin.) |
| PASS successfullyParsed is true |
| |
| TEST COMPLETE |
| |