1<html> 2<head> 3<script> 4var success = false; 5 6function OnLoad() { 7 try { 8 var request = new XMLHttpRequest(); 9 request.open("GET", "file:///c:/foo.txt", false); 10 request.send(null); 11 } catch (e) { 12 success = true; 13 } 14 document.getElementById("console").appendChild( 15 document.createTextNode(success ? "SUCCESS" : "FAILURE")); 16} 17 18function DidSucceed() { 19 return success; 20} 21 22</script> 23</head> 24<body onload="OnLoad();"> 25This page sends a synchronous XMLHttpRequest to fetch a local file, which 26should not be allowed. 27<div id="console"></div> 28</body> 29</html> 30