<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="WebKit test - credentials-in-referer"');
header('HTTP/1.0 401 Unauthorized');
echo 'Authentication canceled';
exit;
}
?>
<script>
if (window.testRunner) {
testRunner.waitUntilDone();
testRunner.dumpAsText();
}
function log(message)
{
parent.document.getElementById("log").innerHTML += message + "<br>";
}
window.onload = function() {
var xhr = new XMLHttpRequest;
xhr.open("GET", "credentials-in-referer.php", false);
xhr.send(null);
log("Sync XHR: " + (xhr.responseText.match(/FAIL/) ? "FAIL" : "PASS"));
xhr.open("GET", "credentials-in-referer.php", true);
xhr.send(null);
xhr.onload = onXHRLoad;
}
function onXHRLoad(evt)
{
log("Async XHR: " + (evt.target.responseText.match(/FAIL/) ? "FAIL" : "PASS"));
log("DONE");
if (window.testRunner)
testRunner.notifyDone();
}
</script>
<script src="credentials-in-referer.php"></script>