blob: 10fb99ac9960cdba0940a3c9c1f2fc4018aefe79 [file] [log] [blame]
<!DOCTYPE html>
<title>CORS test</title>
html,body{font:normal 1em arial,helvetica;}
<script> //
// Create the XHR object.
function createCORSRequest(method, url) {
var xhr = new XMLHttpRequest();
if ("withCredentials" in xhr) {
// XHR for Chrome/Firefox/Opera/Safari., url, true);
} else if (typeof XDomainRequest != "undefined") {
// XDomainRequest for IE.
xhr = new XDomainRequest();, url);
} else {
// CORS not supported.
xhr = null;
return xhr;
// Helper method to parse the title tag from the response.
function getTitle(text) {
return text.match('<title>(.*)?</title>')[1];
// Make the actual CORS request.
function makeCorsRequest(method, resource) {
var url = "http://localhost:8080/cors.reply." + resource;
var xhr = createCORSRequest(method, url);
if (!xhr) {
alert('ERROR: CORS not supported');
// Response handlers.
xhr.onload = function() {
var text = xhr.responseText;
var title = getTitle(text);
alert('Response from CORS request to ' + url + ':\n' + title);
xhr.onerror = function() {
alert('ERROR: the request failed.');
function start() {
var el = document.getElementById("from");
el.innerHTML = "Test CORS from " + document.URL + " to http://localhost:8080/cors.reply.*";
if ((document.URL.indexOf("localhost") >= 0) || (document.URL.indexOf("") >= 0)) {
alert("This CORS test is only meaningful, if you open this site with a different url than \'localhost\' (\nYou may use a different IP of the same machine.");
<body onload="start()">
<h1>Cross-origin resource sharing test</h1>
<p id="from">*** Error: Javascript is not activated. This test will not work. ***</p>
<button onclick="makeCorsRequest('GET', 'html')">Run CORS GET request (static resource)</button>
<button onclick="makeCorsRequest('GET', 'shtml')">Run CORS GET request (ssi)</button>
<button onclick="makeCorsRequest('GET', 'lua/getit')">Run CORS GET request (dynamic resource)</button>
<button onclick="makeCorsRequest('PUT', 'lua/putit')">Run CORS PUT request (dynamic resource)</button>
<p>More information on CORS: See <a href=""></a> and <a href=""></a>.</p>