| <html> |
| <head> |
| <script> |
| var success = false; |
| |
| function OnLoad() { |
| try { |
| var request = new XMLHttpRequest(); |
| request.open("GET", "file:///c:/foo.txt", false); |
| request.send(null); |
| } catch (e) { |
| success = true; |
| } |
| document.getElementById("console").appendChild( |
| document.createTextNode(success ? "SUCCESS" : "FAILURE")); |
| } |
| |
| function DidSucceed() { |
| return success; |
| } |
| |
| </script> |
| </head> |
| <body onload="OnLoad();"> |
| This page sends a synchronous XMLHttpRequest to fetch a local file, which |
| should not be allowed. |
| <div id="console"></div> |
| </body> |
| </html> |