mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
8edbabf141
CLOSED TREE Backed out changeset 9318cab3bd13 (bug 1117650) Backed out changeset aff44058c799 (bug 1117650) Backed out changeset eef01ed4d406 (bug 1117650) Backed out changeset 1b25392be437 (bug 1117650) --HG-- rename : dom/security/test/TestCSPParser.cpp => dom/base/test/TestCSPParser.cpp rename : dom/security/test/csp/chrome.ini => dom/base/test/csp/chrome.ini rename : dom/security/test/csp/file_CSP.css => dom/base/test/csp/file_CSP.css rename : dom/security/test/csp/file_CSP.sjs => dom/base/test/csp/file_CSP.sjs rename : dom/security/test/csp/file_bug663567.xsl => dom/base/test/csp/file_CSP_bug663567.xsl rename : dom/security/test/csp/file_bug663567_allows.xml => dom/base/test/csp/file_CSP_bug663567_allows.xml rename : dom/security/test/csp/file_bug663567_allows.xml^headers^ => dom/base/test/csp/file_CSP_bug663567_allows.xml^headers^ rename : dom/security/test/csp/file_bug663567_blocks.xml => dom/base/test/csp/file_CSP_bug663567_blocks.xml rename : dom/security/test/csp/file_bug663567_blocks.xml^headers^ => dom/base/test/csp/file_CSP_bug663567_blocks.xml^headers^ rename : dom/security/test/csp/file_bug802872.html => dom/base/test/csp/file_CSP_bug802872.html rename : dom/security/test/csp/file_bug802872.html^headers^ => dom/base/test/csp/file_CSP_bug802872.html^headers^ rename : dom/security/test/csp/file_bug802872.js => dom/base/test/csp/file_CSP_bug802872.js rename : dom/security/test/csp/file_bug802872.sjs => dom/base/test/csp/file_CSP_bug802872.sjs rename : dom/security/test/csp/file_bug885433_allows.html => dom/base/test/csp/file_CSP_bug885433_allows.html rename : dom/security/test/csp/file_bug885433_allows.html^headers^ => dom/base/test/csp/file_CSP_bug885433_allows.html^headers^ rename : dom/security/test/csp/file_bug885433_blocks.html => dom/base/test/csp/file_CSP_bug885433_blocks.html rename : dom/security/test/csp/file_bug885433_blocks.html^headers^ => dom/base/test/csp/file_CSP_bug885433_blocks.html^headers^ rename : dom/security/test/csp/file_bug888172.html => dom/base/test/csp/file_CSP_bug888172.html rename : dom/security/test/csp/file_bug888172.sjs => dom/base/test/csp/file_CSP_bug888172.sjs rename : dom/security/test/csp/file_bug909029_none.html => dom/base/test/csp/file_CSP_bug909029_none.html rename : dom/security/test/csp/file_bug909029_none.html^headers^ => dom/base/test/csp/file_CSP_bug909029_none.html^headers^ rename : dom/security/test/csp/file_bug909029_star.html => dom/base/test/csp/file_CSP_bug909029_star.html rename : dom/security/test/csp/file_bug909029_star.html^headers^ => dom/base/test/csp/file_CSP_bug909029_star.html^headers^ rename : dom/security/test/csp/file_bug910139.sjs => dom/base/test/csp/file_CSP_bug910139.sjs rename : dom/security/test/csp/file_bug910139.xml => dom/base/test/csp/file_CSP_bug910139.xml rename : dom/security/test/csp/file_bug910139.xsl => dom/base/test/csp/file_CSP_bug910139.xsl rename : dom/security/test/csp/file_bug941404.html => dom/base/test/csp/file_CSP_bug941404.html rename : dom/security/test/csp/file_bug941404_xhr.html => dom/base/test/csp/file_CSP_bug941404_xhr.html rename : dom/security/test/csp/file_bug941404_xhr.html^headers^ => dom/base/test/csp/file_CSP_bug941404_xhr.html^headers^ rename : dom/security/test/csp/file_evalscript_main.html => dom/base/test/csp/file_CSP_evalscript_main.html rename : dom/security/test/csp/file_evalscript_main.html^headers^ => dom/base/test/csp/file_CSP_evalscript_main.html^headers^ rename : dom/security/test/csp/file_evalscript_main.js => dom/base/test/csp/file_CSP_evalscript_main.js rename : dom/security/test/csp/file_evalscript_main_allowed.html => dom/base/test/csp/file_CSP_evalscript_main_allowed.html rename : dom/security/test/csp/file_evalscript_main_allowed.html^headers^ => dom/base/test/csp/file_CSP_evalscript_main_allowed.html^headers^ rename : dom/security/test/csp/file_evalscript_main_allowed.js => dom/base/test/csp/file_CSP_evalscript_main_allowed.js rename : dom/security/test/csp/file_frameancestors.sjs => dom/base/test/csp/file_CSP_frameancestors.sjs rename : dom/security/test/csp/file_frameancestors_main.html => dom/base/test/csp/file_CSP_frameancestors_main.html rename : dom/security/test/csp/file_frameancestors_main.js => dom/base/test/csp/file_CSP_frameancestors_main.js rename : dom/security/test/csp/file_inlinescript_main.html => dom/base/test/csp/file_CSP_inlinescript_main.html rename : dom/security/test/csp/file_inlinescript_main.html^headers^ => dom/base/test/csp/file_CSP_inlinescript_main.html^headers^ rename : dom/security/test/csp/file_inlinescript_main_allowed.html => dom/base/test/csp/file_CSP_inlinescript_main_allowed.html rename : dom/security/test/csp/file_inlinescript_main_allowed.html^headers^ => dom/base/test/csp/file_CSP_inlinescript_main_allowed.html^headers^ rename : dom/security/test/csp/file_inlinestyle_main.html => dom/base/test/csp/file_CSP_inlinestyle_main.html rename : dom/security/test/csp/file_inlinestyle_main.html^headers^ => dom/base/test/csp/file_CSP_inlinestyle_main.html^headers^ rename : dom/security/test/csp/file_inlinestyle_main_allowed.html => dom/base/test/csp/file_CSP_inlinestyle_main_allowed.html rename : dom/security/test/csp/file_inlinestyle_main_allowed.html^headers^ => dom/base/test/csp/file_CSP_inlinestyle_main_allowed.html^headers^ rename : dom/security/test/csp/file_main.html => dom/base/test/csp/file_CSP_main.html rename : dom/security/test/csp/file_main.html^headers^ => dom/base/test/csp/file_CSP_main.html^headers^ rename : dom/security/test/csp/file_main.js => dom/base/test/csp/file_CSP_main.js rename : dom/security/test/csp/file_base-uri.html => dom/base/test/csp/file_base-uri.html rename : dom/security/test/csp/file_bug836922_npolicies.html => dom/base/test/csp/file_bug836922_npolicies.html rename : dom/security/test/csp/file_bug836922_npolicies.html^headers^ => dom/base/test/csp/file_bug836922_npolicies.html^headers^ rename : dom/security/test/csp/file_bug836922_npolicies_ro_violation.sjs => dom/base/test/csp/file_bug836922_npolicies_ro_violation.sjs rename : dom/security/test/csp/file_bug836922_npolicies_violation.sjs => dom/base/test/csp/file_bug836922_npolicies_violation.sjs rename : dom/security/test/csp/file_bug886164.html => dom/base/test/csp/file_bug886164.html rename : dom/security/test/csp/file_bug886164.html^headers^ => dom/base/test/csp/file_bug886164.html^headers^ rename : dom/security/test/csp/file_bug886164_2.html => dom/base/test/csp/file_bug886164_2.html rename : dom/security/test/csp/file_bug886164_2.html^headers^ => dom/base/test/csp/file_bug886164_2.html^headers^ rename : dom/security/test/csp/file_bug886164_3.html => dom/base/test/csp/file_bug886164_3.html rename : dom/security/test/csp/file_bug886164_3.html^headers^ => dom/base/test/csp/file_bug886164_3.html^headers^ rename : dom/security/test/csp/file_bug886164_4.html => dom/base/test/csp/file_bug886164_4.html rename : dom/security/test/csp/file_bug886164_4.html^headers^ => dom/base/test/csp/file_bug886164_4.html^headers^ rename : dom/security/test/csp/file_bug886164_5.html => dom/base/test/csp/file_bug886164_5.html rename : dom/security/test/csp/file_bug886164_5.html^headers^ => dom/base/test/csp/file_bug886164_5.html^headers^ rename : dom/security/test/csp/file_bug886164_6.html => dom/base/test/csp/file_bug886164_6.html rename : dom/security/test/csp/file_bug886164_6.html^headers^ => dom/base/test/csp/file_bug886164_6.html^headers^ rename : dom/security/test/csp/file_connect-src.html => dom/base/test/csp/file_connect-src.html rename : dom/security/test/csp/file_allow_https_schemes.html => dom/base/test/csp/file_csp_allow_https_schemes.html rename : dom/security/test/csp/file_bug768029.html => dom/base/test/csp/file_csp_bug768029.html rename : dom/security/test/csp/file_bug768029.sjs => dom/base/test/csp/file_csp_bug768029.sjs rename : dom/security/test/csp/file_bug773891.html => dom/base/test/csp/file_csp_bug773891.html rename : dom/security/test/csp/file_bug773891.sjs => dom/base/test/csp/file_csp_bug773891.sjs rename : dom/security/test/csp/file_invalid_source_expression.html => dom/base/test/csp/file_csp_invalid_source_expression.html rename : dom/security/test/csp/file_path_matching.html => dom/base/test/csp/file_csp_path_matching.html rename : dom/security/test/csp/file_path_matching.js => dom/base/test/csp/file_csp_path_matching.js rename : dom/security/test/csp/file_path_matching_redirect.html => dom/base/test/csp/file_csp_path_matching_redirect.html rename : dom/security/test/csp/file_path_matching_redirect_server.sjs => dom/base/test/csp/file_csp_path_matching_redirect_server.sjs rename : dom/security/test/csp/file_redirects_main.html => dom/base/test/csp/file_csp_redirects_main.html rename : dom/security/test/csp/file_redirects_page.sjs => dom/base/test/csp/file_csp_redirects_page.sjs rename : dom/security/test/csp/file_redirects_resource.sjs => dom/base/test/csp/file_csp_redirects_resource.sjs rename : dom/security/test/csp/file_referrerdirective.html => dom/base/test/csp/file_csp_referrerdirective.html rename : dom/security/test/csp/file_report.html => dom/base/test/csp/file_csp_report.html rename : dom/security/test/csp/file_testserver.sjs => dom/base/test/csp/file_csp_testserver.sjs rename : dom/security/test/csp/file_form-action.html => dom/base/test/csp/file_form-action.html rename : dom/security/test/csp/file_hash_source.html => dom/base/test/csp/file_hash_source.html rename : dom/security/test/csp/file_hash_source.html^headers^ => dom/base/test/csp/file_hash_source.html^headers^ rename : dom/security/test/csp/file_leading_wildcard.html => dom/base/test/csp/file_leading_wildcard.html rename : dom/security/test/csp/file_multi_policy_injection_bypass.html => dom/base/test/csp/file_multi_policy_injection_bypass.html rename : dom/security/test/csp/file_multi_policy_injection_bypass.html^headers^ => dom/base/test/csp/file_multi_policy_injection_bypass.html^headers^ rename : dom/security/test/csp/file_multi_policy_injection_bypass_2.html => dom/base/test/csp/file_multi_policy_injection_bypass_2.html rename : dom/security/test/csp/file_multi_policy_injection_bypass_2.html^headers^ => dom/base/test/csp/file_multi_policy_injection_bypass_2.html^headers^ rename : dom/security/test/csp/file_nonce_source.html => dom/base/test/csp/file_nonce_source.html rename : dom/security/test/csp/file_nonce_source.html^headers^ => dom/base/test/csp/file_nonce_source.html^headers^ rename : dom/security/test/csp/file_policyuri_regression_from_multipolicy.html => dom/base/test/csp/file_policyuri_regression_from_multipolicy.html rename : dom/security/test/csp/file_policyuri_regression_from_multipolicy.html^headers^ => dom/base/test/csp/file_policyuri_regression_from_multipolicy.html^headers^ rename : dom/security/test/csp/file_policyuri_regression_from_multipolicy_policy => dom/base/test/csp/file_policyuri_regression_from_multipolicy_policy rename : dom/security/test/csp/file_redirect_content.sjs => dom/base/test/csp/file_redirect_content.sjs rename : dom/security/test/csp/file_redirect_report.sjs => dom/base/test/csp/file_redirect_report.sjs rename : dom/security/test/csp/file_report_uri_missing_in_report_only_header.html => dom/base/test/csp/file_report_uri_missing_in_report_only_header.html rename : dom/security/test/csp/file_report_uri_missing_in_report_only_header.html^headers^ => dom/base/test/csp/file_report_uri_missing_in_report_only_header.html^headers^ rename : dom/security/test/csp/file_self_none_as_hostname_confusion.html => dom/base/test/csp/file_self_none_as_hostname_confusion.html rename : dom/security/test/csp/file_self_none_as_hostname_confusion.html^headers^ => dom/base/test/csp/file_self_none_as_hostname_confusion.html^headers^ rename : dom/security/test/csp/file_subframe_run_js_if_allowed.html => dom/base/test/csp/file_subframe_run_js_if_allowed.html rename : dom/security/test/csp/file_subframe_run_js_if_allowed.html^headers^ => dom/base/test/csp/file_subframe_run_js_if_allowed.html^headers^ rename : dom/security/test/csp/file_worker_redirect.html => dom/base/test/csp/file_worker_redirect.html rename : dom/security/test/csp/file_worker_redirect.sjs => dom/base/test/csp/file_worker_redirect.sjs rename : dom/security/test/csp/mochitest.ini => dom/base/test/csp/mochitest.ini rename : dom/security/test/csp/referrerdirective.sjs => dom/base/test/csp/referrerdirective.sjs rename : dom/security/test/csp/test_301_redirect.html => dom/base/test/csp/test_301_redirect.html rename : dom/security/test/csp/test_302_redirect.html => dom/base/test/csp/test_302_redirect.html rename : dom/security/test/csp/test_303_redirect.html => dom/base/test/csp/test_303_redirect.html rename : dom/security/test/csp/test_307_redirect.html => dom/base/test/csp/test_307_redirect.html rename : dom/security/test/csp/test_CSP.html => dom/base/test/csp/test_CSP.html rename : dom/security/test/csp/test_bug663567.html => dom/base/test/csp/test_CSP_bug663567.html rename : dom/security/test/csp/test_bug802872.html => dom/base/test/csp/test_CSP_bug802872.html rename : dom/security/test/csp/test_bug885433.html => dom/base/test/csp/test_CSP_bug885433.html rename : dom/security/test/csp/test_bug888172.html => dom/base/test/csp/test_CSP_bug888172.html rename : dom/security/test/csp/test_bug909029.html => dom/base/test/csp/test_CSP_bug909029.html rename : dom/security/test/csp/test_bug910139.html => dom/base/test/csp/test_CSP_bug910139.html rename : dom/security/test/csp/test_bug941404.html => dom/base/test/csp/test_CSP_bug941404.html rename : dom/security/test/csp/test_evalscript.html => dom/base/test/csp/test_CSP_evalscript.html rename : dom/security/test/csp/test_frameancestors.html => dom/base/test/csp/test_CSP_frameancestors.html rename : dom/security/test/csp/test_inlinescript.html => dom/base/test/csp/test_CSP_inlinescript.html rename : dom/security/test/csp/test_inlinestyle.html => dom/base/test/csp/test_CSP_inlinestyle.html rename : dom/security/test/csp/test_referrerdirective.html => dom/base/test/csp/test_CSP_referrerdirective.html rename : dom/security/test/csp/test_base-uri.html => dom/base/test/csp/test_base-uri.html rename : dom/security/test/csp/test_bug836922_npolicies.html => dom/base/test/csp/test_bug836922_npolicies.html rename : dom/security/test/csp/test_bug886164.html => dom/base/test/csp/test_bug886164.html rename : dom/security/test/csp/test_bug949549.html => dom/base/test/csp/test_bug949549.html rename : dom/security/test/csp/test_connect-src.html => dom/base/test/csp/test_connect-src.html rename : dom/security/test/csp/test_allow_https_schemes.html => dom/base/test/csp/test_csp_allow_https_schemes.html rename : dom/security/test/csp/test_bug768029.html => dom/base/test/csp/test_csp_bug768029.html rename : dom/security/test/csp/test_bug773891.html => dom/base/test/csp/test_csp_bug773891.html rename : dom/security/test/csp/test_invalid_source_expression.html => dom/base/test/csp/test_csp_invalid_source_expression.html rename : dom/security/test/csp/test_path_matching.html => dom/base/test/csp/test_csp_path_matching.html rename : dom/security/test/csp/test_path_matching_redirect.html => dom/base/test/csp/test_csp_path_matching_redirect.html rename : dom/security/test/csp/test_redirects.html => dom/base/test/csp/test_csp_redirects.html rename : dom/security/test/csp/test_report.html => dom/base/test/csp/test_csp_report.html rename : dom/security/test/csp/test_form-action.html => dom/base/test/csp/test_form-action.html rename : dom/security/test/csp/test_hash_source.html => dom/base/test/csp/test_hash_source.html rename : dom/security/test/csp/test_leading_wildcard.html => dom/base/test/csp/test_leading_wildcard.html rename : dom/security/test/csp/test_multi_policy_injection_bypass.html => dom/base/test/csp/test_multi_policy_injection_bypass.html rename : dom/security/test/csp/test_nonce_source.html => dom/base/test/csp/test_nonce_source.html rename : dom/security/test/csp/test_policyuri_regression_from_multipolicy.html => dom/base/test/csp/test_policyuri_regression_from_multipolicy.html rename : dom/security/test/csp/test_report_uri_missing_in_report_only_header.html => dom/base/test/csp/test_report_uri_missing_in_report_only_header.html rename : dom/security/test/csp/test_self_none_as_hostname_confusion.html => dom/base/test/csp/test_self_none_as_hostname_confusion.html rename : dom/security/test/csp/test_subframe_run_js_if_allowed.html => dom/base/test/csp/test_subframe_run_js_if_allowed.html rename : dom/security/test/csp/test_worker_redirect.html => dom/base/test/csp/test_worker_redirect.html rename : dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs => dom/base/test/file_CrossSiteXHR_cache_server.sjs rename : dom/security/test/cors/file_CrossSiteXHR_inner.html => dom/base/test/file_CrossSiteXHR_inner.html rename : dom/security/test/cors/file_CrossSiteXHR_inner.jar => dom/base/test/file_CrossSiteXHR_inner.jar rename : dom/security/test/cors/file_CrossSiteXHR_inner_data.sjs => dom/base/test/file_CrossSiteXHR_inner_data.sjs rename : dom/security/test/cors/file_CrossSiteXHR_server.sjs => dom/base/test/file_CrossSiteXHR_server.sjs rename : dom/security/test/mixedcontentblocker/file_bug803225_test_mailto.html => dom/base/test/mixedcontentblocker/bug803225_test_mailto.html rename : dom/security/test/mixedcontentblocker/file_frameNavigation.html => dom/base/test/mixedcontentblocker/file_mixed_content_frameNavigation.html rename : dom/security/test/mixedcontentblocker/file_frameNavigation_blankTarget.html => dom/base/test/mixedcontentblocker/file_mixed_content_frameNavigation_blankTarget.html rename : dom/security/test/mixedcontentblocker/file_frameNavigation_grandchild.html => dom/base/test/mixedcontentblocker/file_mixed_content_frameNavigation_grandchild.html rename : dom/security/test/mixedcontentblocker/file_frameNavigation_innermost.html => dom/base/test/mixedcontentblocker/file_mixed_content_frameNavigation_innermost.html rename : dom/security/test/mixedcontentblocker/file_frameNavigation_secure.html => dom/base/test/mixedcontentblocker/file_mixed_content_frameNavigation_secure.html rename : dom/security/test/mixedcontentblocker/file_frameNavigation_secure_grandchild.html => dom/base/test/mixedcontentblocker/file_mixed_content_frameNavigation_secure_grandchild.html rename : dom/security/test/mixedcontentblocker/file_main.html => dom/base/test/mixedcontentblocker/file_mixed_content_main.html rename : dom/security/test/mixedcontentblocker/file_main_bug803225.html => dom/base/test/mixedcontentblocker/file_mixed_content_main_bug803225.html rename : dom/security/test/mixedcontentblocker/file_main_bug803225_websocket_wsh.py => dom/base/test/mixedcontentblocker/file_mixed_content_main_bug803225_websocket_wsh.py rename : dom/security/test/mixedcontentblocker/file_server.sjs => dom/base/test/mixedcontentblocker/file_mixed_content_server.sjs rename : dom/security/test/mixedcontentblocker/mochitest.ini => dom/base/test/mixedcontentblocker/mochitest.ini rename : dom/security/test/mixedcontentblocker/test_main.html => dom/base/test/mixedcontentblocker/test_mixed_content_blocker.html rename : dom/security/test/mixedcontentblocker/test_bug803225.html => dom/base/test/mixedcontentblocker/test_mixed_content_blocker_bug803225.html rename : dom/security/test/mixedcontentblocker/test_frameNavigation.html => dom/base/test/mixedcontentblocker/test_mixed_content_blocker_frameNavigation.html rename : dom/security/test/cors/test_CrossSiteXHR.html => dom/base/test/test_CrossSiteXHR.html rename : dom/security/test/cors/test_CrossSiteXHR_cache.html => dom/base/test/test_CrossSiteXHR_cache.html rename : dom/security/test/cors/test_CrossSiteXHR_origin.html => dom/base/test/test_CrossSiteXHR_origin.html rename : dom/security/test/unit/test_cspreports.js => dom/base/test/unit/test_cspreports.js
163 lines
5.1 KiB
JavaScript
163 lines
5.1 KiB
JavaScript
const CC = Components.Constructor;
|
|
const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
|
|
"nsIBinaryInputStream",
|
|
"setInputStream");
|
|
|
|
function handleRequest(request, response)
|
|
{
|
|
var query = {};
|
|
request.queryString.split('&').forEach(function (val) {
|
|
var [name, value] = val.split('=');
|
|
query[name] = unescape(value);
|
|
});
|
|
|
|
var isPreflight = request.method == "OPTIONS";
|
|
|
|
var bodyStream = new BinaryInputStream(request.bodyInputStream);
|
|
var bodyBytes = [];
|
|
while ((bodyAvail = bodyStream.available()) > 0)
|
|
Array.prototype.push.apply(bodyBytes, bodyStream.readByteArray(bodyAvail));
|
|
|
|
var body = decodeURIComponent(
|
|
escape(String.fromCharCode.apply(null, bodyBytes)));
|
|
|
|
// Check that request was correct
|
|
|
|
if (!isPreflight && query.body && body != query.body) {
|
|
sendHttp500(response, "Wrong body. Expected " + query.body + " got " +
|
|
body);
|
|
return;
|
|
}
|
|
|
|
if (!isPreflight && "headers" in query) {
|
|
headers = eval(query.headers);
|
|
for(headerName in headers) {
|
|
// Content-Type is changed if there was a body
|
|
if (!(headerName == "Content-Type" && body) &&
|
|
request.getHeader(headerName) != headers[headerName]) {
|
|
sendHttp500(response,
|
|
"Header " + headerName + " had wrong value. Expected " +
|
|
headers[headerName] + " got " + request.getHeader(headerName));
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (isPreflight && "requestHeaders" in query &&
|
|
request.getHeader("Access-Control-Request-Headers") != query.requestHeaders) {
|
|
sendHttp500(response,
|
|
"Access-Control-Request-Headers had wrong value. Expected " +
|
|
query.requestHeaders + " got " +
|
|
request.getHeader("Access-Control-Request-Headers"));
|
|
return;
|
|
}
|
|
|
|
if (isPreflight && "requestMethod" in query &&
|
|
request.getHeader("Access-Control-Request-Method") != query.requestMethod) {
|
|
sendHttp500(response,
|
|
"Access-Control-Request-Method had wrong value. Expected " +
|
|
query.requestMethod + " got " +
|
|
request.getHeader("Access-Control-Request-Method"));
|
|
return;
|
|
}
|
|
|
|
if ("origin" in query && request.getHeader("Origin") != query.origin) {
|
|
sendHttp500(response,
|
|
"Origin had wrong value. Expected " + query.origin + " got " +
|
|
request.getHeader("Origin"));
|
|
return;
|
|
}
|
|
|
|
if ("cookie" in query) {
|
|
cookies = {};
|
|
request.getHeader("Cookie").split(/ *; */).forEach(function (val) {
|
|
var [name, value] = val.split('=');
|
|
cookies[name] = unescape(value);
|
|
});
|
|
|
|
query.cookie.split(",").forEach(function (val) {
|
|
var [name, value] = val.split('=');
|
|
if (cookies[name] != value) {
|
|
sendHttp500(response,
|
|
"Cookie " + name + " had wrong value. Expected " + value +
|
|
" got " + cookies[name]);
|
|
return;
|
|
}
|
|
});
|
|
}
|
|
|
|
if ("noCookie" in query && request.hasHeader("Cookie")) {
|
|
sendHttp500(response,
|
|
"Got cookies when didn't expect to: " + request.getHeader("Cookie"));
|
|
return;
|
|
}
|
|
|
|
// Send response
|
|
|
|
if (query.hop) {
|
|
query.hop = parseInt(query.hop, 10);
|
|
hops = eval(query.hops);
|
|
query.allowOrigin = hops[query.hop-1].allowOrigin;
|
|
query.allowHeaders = hops[query.hop-1].allowHeaders;
|
|
}
|
|
|
|
if (!isPreflight && query.status) {
|
|
response.setStatusLine(null, query.status, query.statusMessage);
|
|
}
|
|
if (isPreflight && query.preflightStatus) {
|
|
response.setStatusLine(null, query.preflightStatus, "preflight status");
|
|
}
|
|
|
|
if (query.allowOrigin && (!isPreflight || !query.noAllowPreflight))
|
|
response.setHeader("Access-Control-Allow-Origin", query.allowOrigin);
|
|
|
|
if (query.allowCred)
|
|
response.setHeader("Access-Control-Allow-Credentials", "true");
|
|
|
|
if (query.setCookie)
|
|
response.setHeader("Set-Cookie", query.setCookie + "; path=/");
|
|
|
|
if (isPreflight) {
|
|
if (query.allowHeaders)
|
|
response.setHeader("Access-Control-Allow-Headers", query.allowHeaders);
|
|
|
|
if (query.allowMethods)
|
|
response.setHeader("Access-Control-Allow-Methods", query.allowMethods);
|
|
}
|
|
else {
|
|
if (query.responseHeaders) {
|
|
let responseHeaders = eval(query.responseHeaders);
|
|
for (let responseHeader in responseHeaders) {
|
|
response.setHeader(responseHeader, responseHeaders[responseHeader]);
|
|
}
|
|
}
|
|
|
|
if (query.exposeHeaders)
|
|
response.setHeader("Access-Control-Expose-Headers", query.exposeHeaders);
|
|
}
|
|
|
|
if (query.hop && query.hop < hops.length) {
|
|
newURL = hops[query.hop].server +
|
|
"/tests/dom/base/test/file_CrossSiteXHR_server.sjs?" +
|
|
"hop=" + (query.hop + 1) + "&hops=" + query.hops;
|
|
response.setStatusLine(null, 307, "redirect");
|
|
response.setHeader("Location", newURL);
|
|
|
|
return;
|
|
}
|
|
|
|
// Send response body
|
|
if (!isPreflight && request.method != "HEAD") {
|
|
response.setHeader("Content-Type", "application/xml", false);
|
|
response.write("<res>hello pass</res>\n");
|
|
}
|
|
if (isPreflight && "preflightBody" in query) {
|
|
response.setHeader("Content-Type", "text/plain", false);
|
|
response.write(query.preflightBody);
|
|
}
|
|
}
|
|
|
|
function sendHttp500(response, text) {
|
|
response.setStatusLine(null, 500, text);
|
|
}
|