content/base/test/file_x-frame-options_page.sjs@6474c204b198 (annotated)
content/base/test/file_x-frame-options_page.sjs
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | // SJS file for X-Frame-Options mochitests |
| michael@0 | 2 | function handleRequest(request, response) |
| michael@0 | 3 | { |
| michael@0 | 4 | var query = {}; |
| michael@0 | 5 | var BOUNDARY = "BOUNDARYOMG3984"; |
| michael@0 | 6 | request.queryString.split('&').forEach(function (val) { |
| michael@0 | 7 | var [name, value] = val.split('='); |
| michael@0 | 8 | query[name] = unescape(value); |
| michael@0 | 9 | }); |
| michael@0 | 10 | |
| michael@0 | 11 | if (query['multipart'] == "1") { |
| michael@0 | 12 | response.setHeader("Content-Type", "multipart/x-mixed-replace;boundary=" + BOUNDARY, false); |
| michael@0 | 13 | response.setHeader("Cache-Control", "no-cache", false); |
| michael@0 | 14 | response.setStatusLine(request.httpVersion, 200, "OK"); |
| michael@0 | 15 | response.write("--" + BOUNDARY + "\r\n"); |
| michael@0 | 16 | response.write("Content-Type: text/html\r\n\r\n"); |
| michael@0 | 17 | } else { |
| michael@0 | 18 | response.setHeader("Content-Type", "text/html", false); |
| michael@0 | 19 | response.setHeader("Cache-Control", "no-cache", false); |
| michael@0 | 20 | } |
| michael@0 | 21 | |
| michael@0 | 22 | var testHeaders = { |
| michael@0 | 23 | "deny": "DENY", |
| michael@0 | 24 | "sameorigin": "SAMEORIGIN", |
| michael@0 | 25 | "sameorigin2": "SAMEORIGIN, SAMEORIGIN", |
| michael@0 | 26 | "sameorigin3": "SAMEORIGIN,SAMEORIGIN , SAMEORIGIN", |
| michael@0 | 27 | "mixedpolicy": "DENY,SAMEORIGIN", |
| michael@0 | 28 | |
| michael@0 | 29 | /* added for bug 836132 */ |
| michael@0 | 30 | "afa": "ALLOW-FROM http://mochi.test:8888/", |
| michael@0 | 31 | "afd": "ALLOW-FROM http://example.com/", |
| michael@0 | 32 | "afa1": "ALLOW-FROM http://mochi.test:8888", |
| michael@0 | 33 | "afd1": "ALLOW-FROM:example.com", |
| michael@0 | 34 | "afd2": "ALLOW-FROM: example.com", |
| michael@0 | 35 | "afd3": "ALLOW-FROM example.com", |
| michael@0 | 36 | "afd4": "ALLOW-FROM:http://example.com", |
| michael@0 | 37 | "afd5": "ALLOW-FROM: http://example.com", |
| michael@0 | 38 | "afd6": "ALLOW-FROM http://example.com", |
| michael@0 | 39 | "afd7": "ALLOW-FROM:mochi.test:8888", |
| michael@0 | 40 | "afd8": "ALLOW-FROM: mochi.test:8888", |
| michael@0 | 41 | "afd9": "ALLOW-FROM:http://mochi.test:8888", |
| michael@0 | 42 | "afd10": "ALLOW-FROM: http://mochi.test:8888", |
| michael@0 | 43 | "afd11": "ALLOW-FROM mochi.test:8888", |
| michael@0 | 44 | "afd12": "ALLOW-FROM", |
| michael@0 | 45 | "afd13": "ALLOW-FROM ", |
| michael@0 | 46 | "afd14": "ALLOW-FROM:" |
| michael@0 | 47 | }; |
| michael@0 | 48 | |
| michael@0 | 49 | if (testHeaders.hasOwnProperty(query['xfo'])) { |
| michael@0 | 50 | response.setHeader("X-Frame-Options", testHeaders[query['xfo']], false); |
| michael@0 | 51 | } |
| michael@0 | 52 | |
| michael@0 | 53 | // from the test harness we'll be checking for the presence of this element |
| michael@0 | 54 | // to test if the page loaded |
| michael@0 | 55 | response.write("<h1 id=\"test\">" + query["testid"] + "</h1>"); |
| michael@0 | 56 | |
| michael@0 | 57 | if (query['multipart'] == "1") { |
| michael@0 | 58 | response.write("\r\n--" + BOUNDARY + "\r\n"); |
| michael@0 | 59 | } |
| michael@0 | 60 | } |
