CONSOLE ERROR: Access to XMLHttpRequest at 'http://localhost:8080/xmlhttprequest/resources/forbidden.txt' (redirected from 'http://127.0.0.1:8000/xmlhttprequest/resources/redirect.php?url=http://localhost:8080/xmlhttprequest/resources/forbidden.txt') from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
CONSOLE ERROR: Access to XMLHttpRequest at 'http://localhost:8080/xmlhttprequest/resources/forbidden.txt' (redirected from 'http://127.0.0.1:8000/xmlhttprequest/resources/redirect.php?url=http://localhost:8080/xmlhttprequest/resources/forbidden.txt') from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
This tests that unsafe redirects won't be allowed when making an XMLHttpRequest.
Sync XHR started.
readyState change 1
Exception: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://127.0.0.1:8000/xmlhttprequest/resources/redirect.php?url=http://localhost:8080/xmlhttprequest/resources/forbidden.txt'.
Async XHR started.
readyState change 1
readyState change 4
SUCCESS: Error handler was called with readyState 4
Codebase Browser
chromium