4 <script src="../../../resources/testharness.js"></script>
5 <script src="../../../resources/testharnessreport.js"></script>
6 <link rel="help" "https://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/imports/index.html#imported-document" />
8 <link id="same" rel="import" href="http://127.0.0.1:8000/htmlimports/resources/hello.html">
9 <link id="cors" rel="import" href="http://localhost:8000/htmlimports/resources/cors-basic.cgi">
10 <link id="xs" rel="import" href="http://localhost:8000/htmlimports/resources/hello.html">
12 <link id="same-same" rel="import" href="/security/resources/redir.php?url=http://127.0.0.1:8000/htmlimports/resources/hello.html">
13 <link id="same-cors" rel="import" href="/security/resources/redir.php?url=http://localhost:8000/htmlimports/resources/cors-basic.cgi">
14 <link id="same-xs" rel="import" href="/security/resources/redir.php?url=http://localhost:8000/htmlimports/resources/hello.html">
19 function assert_loaded(id)
21 var target = document.getElementById(id);
22 assert_true(target.import instanceof Document)
23 assert_true(0 <= target.import.querySelector("h1").innerHTML.indexOf("Hello"));
26 function assert_not_loaded(id)
28 var target = document.getElementById(id);
29 assert_equals(target.import, null);
32 test(function() { assert_loaded("same"); }, "Accessing to a same origin import");
33 test(function() { assert_loaded("cors"); }, "Accessing to CORS-enabled origin import");
34 test(function() { assert_not_loaded("xs"); }, "Blocking access to a cross origin import");
36 test(function() { assert_loaded("same-same"); }, "Accessing to a same origin import including same domain redirect");
37 test(function() { assert_loaded("same-cors"); }, "Accessing to a CORS origin import including same domain redirect");
38 test(function() { assert_not_loaded("same-xs"); }, "Blocking access to a cross origin iamport including same domain redirect");