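--- /dev/null
+++ b/content/base/test/file_CrossSiteXHR_server.sjs
@@ -0,0 +1,162 @@
+const CC = Components.Constructor;
+const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
+ "nsIBinaryInputStream",
+ "setInputStream");
+
+function handleRequest(request, response)
+{
+ var query = {};
+ request.queryString.split('&').forEach(function (val) {
+ var [name, value] = val.split('=');
+ query[name] = unescape(value);
+ });
+
+ var isPreflight = request.method == "OPTIONS";
+
+ var bodyStream = new BinaryInputStream(request.bodyInputStream);
+ var bodyBytes = [];
+ while ((bodyAvail = bodyStream.available()) > 0)
+ Array.prototype.push.apply(bodyBytes, bodyStream.readByteArray(bodyAvail));
+
+ var body = decodeURIComponent(
+ escape(String.fromCharCode.apply(null, bodyBytes)));
+
+ // Check that request was correct
+
+ if (!isPreflight && query.body && body != query.body) {
+ sendHttp500(response, "Wrong body. Expected " + query.body + " got " +
+ body);
+ return;
+ }
+
+ if (!isPreflight && "headers" in query) {
+ headers = eval(query.headers);
+ for(headerName in headers) {
+ // Content-Type is changed if there was a body
+ if (!(headerName == "Content-Type" && body) &&
+ request.getHeader(headerName) != headers[headerName]) {
+ sendHttp500(response,
+ "Header " + headerName + " had wrong value. Expected " +
+ headers[headerName] + " got " + request.getHeader(headerName));
+ return;
+ }
+ }
+ }
+
+ if (isPreflight && "requestHeaders" in query &&
+ request.getHeader("Access-Control-Request-Headers") != query.requestHeaders) {
+ sendHttp500(response,
+ "Access-Control-Request-Headers had wrong value. Expected " +
+ query.requestHeaders + " got " +
+ request.getHeader("Access-Control-Request-Headers"));
+ return;
+ }
+
+ if (isPreflight && "requestMethod" in query &&
+ request.getHeader("Access-Control-Request-Method") != query.requestMethod) {
+ sendHttp500(response,
+ "Access-Control-Request-Method had wrong value. Expected " +
+ query.requestMethod + " got " +
+ request.getHeader("Access-Control-Request-Method"));
+ return;
+ }
+
+ if ("origin" in query && request.getHeader("Origin") != query.origin) {
+ sendHttp500(response,
+ "Origin had wrong value. Expected " + query.origin + " got " +
+ request.getHeader("Origin"));
+ return;
+ }
+
+ if ("cookie" in query) {
+ cookies = {};
+ request.getHeader("Cookie").split(/ *; */).forEach(function (val) {
+ var [name, value] = val.split('=');
+ cookies[name] = unescape(value);
+ });
+
+ query.cookie.split(",").forEach(function (val) {
+ var [name, value] = val.split('=');
+ if (cookies[name] != value) {
+ sendHttp500(response,
+ "Cookie " + name + " had wrong value. Expected " + value +
+ " got " + cookies[name]);
+ return;
+ }
+ });
+ }
+
+ if ("noCookie" in query && request.hasHeader("Cookie")) {
+ sendHttp500(response,
+ "Got cookies when didn't expect to: " + request.getHeader("Cookie"));
+ return;
+ }
+
+ // Send response
+
+ if (query.hop) {
+ query.hop = parseInt(query.hop, 10);
+ hops = eval(query.hops);
+ query.allowOrigin = hops[query.hop-1].allowOrigin;
+ query.allowHeaders = hops[query.hop-1].allowHeaders;
+ }
+
+ if (!isPreflight && query.status) {
+ response.setStatusLine(null, query.status, query.statusMessage);
+ }
+ if (isPreflight && query.preflightStatus) {
+ response.setStatusLine(null, query.preflightStatus, "preflight status");
+ }
+
+ if (query.allowOrigin && (!isPreflight || !query.noAllowPreflight))
+ response.setHeader("Access-Control-Allow-Origin", query.allowOrigin);
+
+ if (query.allowCred)
+ response.setHeader("Access-Control-Allow-Credentials", "true");
+
+ if (query.setCookie)
+ response.setHeader("Set-Cookie", query.setCookie + "; path=/");
+
+ if (isPreflight) {
+ if (query.allowHeaders)
+ response.setHeader("Access-Control-Allow-Headers", query.allowHeaders);
+
+ if (query.allowMethods)
+ response.setHeader("Access-Control-Allow-Methods", query.allowMethods);
+ }
+ else {
+ if (query.responseHeaders) {
+ let responseHeaders = eval(query.responseHeaders);
+ for (let responseHeader in responseHeaders) {
+ response.setHeader(responseHeader, responseHeaders[responseHeader]);
+ }
+ }
+
+ if (query.exposeHeaders)
+ response.setHeader("Access-Control-Expose-Headers", query.exposeHeaders);
+ }
+
+ if (query.hop && query.hop < hops.length) {
+ newURL = hops[query.hop].server +
+ "/tests/content/base/test/file_CrossSiteXHR_server.sjs?" +
+ "hop=" + (query.hop + 1) + "&hops=" + query.hops;
+ response.setStatusLine(null, 307, "redirect");
+ response.setHeader("Location", newURL);
+
+ return;
+ }
+
+ // Send response body
+ if (!isPreflight && request.method != "HEAD") {
+ response.setHeader("Content-Type", "application/xml", false);
+ response.write("<res>hello pass</res>\n");
+ }
+ if (isPreflight && "preflightBody" in query) {
+ response.setHeader("Content-Type", "text/plain", false);
+ response.write(query.preflightBody);
+ }
+}
+
+function sendHttp500(response, text) {
+ response.setStatusLine(null, 500, text);
+}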
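Review bot: `eval(query.headers)`, `eval(query.hops)` and `eval(query.responseHeaders)` in handleRequest execute text taken straight from the request's query string, so any client that can reach this .sjs runs script inside the test HTTP server. These values only need to be data, so parsing them instead, e.g. `headers = JSON.parse(query.headers);` (and likewise for `hops` and `responseHeaders`), removes the code-execution path; this assumes the test pages, which are not visible here, can send JSON rather than a JS source literal. A header comment stating that the handler deliberately reflects query parameters into `Access-Control-Allow-Origin`, `Set-Cookie`, arbitrary response headers and the `Location` redirect, and so must only be served by the test harness, would also help. Separately, the `return` after `sendHttp500` in the cookie check sits inside the `forEach` callback, so it does not leave handleRequest and the later `setStatusLine`/`write` calls can still run after a mismatch; a plain `for` loop over `query.cookie.split(",")` would let the `return` take effect.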