| <!DOCTYPE HTML> |
| <head> |
| <title>No credentials should be prompted for on seeing a 401 for <img crossorigin>.</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| </head> |
| <body> |
| <script> |
| async_test(t => { |
| var i = document.createElement('img'); |
| i.src = "http://localhost:8000/security/resources/img-basic-auth.php?uid=41532"; |
| i.crossorigin = "anonymous"; |
| i.onload = t.unreached_func("Expected cross-origin access check failure."); |
| i.onerror = t.step_func_done(); |
| }, 'crossorigin="anonymous"'); |
| |
| async_test(t => { |
| var i = document.createElement('img'); |
| i.src = "http://localhost:8000/security/resources/img-basic-auth.php?uid=41533"; |
| i.crossorigin = "use-credentials"; |
| i.onload = t.unreached_func("Expected cross-origin access check failure."); |
| i.onerror = t.step_func_done(); |
| }, 'crossorigin="use-credentials"'); |
| </script> |
| </body> |