blob: cf5b06d5c4f4b60749e38f6a469a85e5efff0ea6 [file] [log] [blame]
// META: script=/common/get-host-info.sub.js
const crossOriginURL = get_host_info().HTTP_REMOTE_ORIGIN + "/fetch/cross-origin-resource-policy/resources/hello.py?corp=";
[
"same",
"same, same-origin",
"SAME-ORIGIN",
"Same-Origin",
"same-origin, <>",
"same-origin, same-origin"
].forEach(incorrectHeaderValue => {
// Note: an incorrect value results in a successful load, so this test is only meaningful in
// implementations with support for the header.
promise_test(t => {
return fetch(crossOriginURL + encodeURIComponent(incorrectHeaderValue), { mode: "no-cors" });
}, "Parsing Cross-Origin-Resource-Policy: " + incorrectHeaderValue);
});