1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/security/manager/ssl/tests/mochitest/stricttransportsecurity/verify.sjs Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,47 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +// SJS file that serves un-cacheable responses for STS tests that postMessage
1.9 +// to the parent saying whether or not they were loaded securely.
1.10 +
1.11 +function handleRequest(request, response)
1.12 +{
1.13 + var query = {};
1.14 + request.queryString.split('&').forEach(function (val) {
1.15 + var [name, value] = val.split('=');
1.16 + query[name] = unescape(value);
1.17 + });
1.18 +
1.19 + response.setHeader("Cache-Control", "no-cache", false);
1.20 + response.setHeader("Content-Type", "text/html", false);
1.21 +
1.22 + if ('id' in query) {
1.23 + var outstr = [
1.24 + " <!DOCTYPE html>",
1.25 + " <html> <head> <title>subframe for STS</title>",
1.26 + " <script type='text/javascript'>",
1.27 + " var self = window;",
1.28 + " window.addEventListener('load', function() {",
1.29 + " if (document.location.protocol === 'https:') {",
1.30 + " self.parent.postMessage('SECURE " + query['id'] + "',",
1.31 + " 'http://mochi.test:8888');",
1.32 + " } else {",
1.33 + " self.parent.postMessage('INSECURE " + query['id'] + "',",
1.34 + " 'http://mochi.test:8888');",
1.35 + " }",
1.36 + " }, false);",
1.37 + " </script>",
1.38 + " </head>",
1.39 + " <body>",
1.40 + " STS state verification frame loaded via",
1.41 + " <script>",
1.42 + " document.write(document.location.protocol);",
1.43 + " </script>",
1.44 + " </body>",
1.45 + " </html>"].join("\n");
1.46 + response.write(outstr);
1.47 + } else {
1.48 + response.write("ERROR: no id provided");
1.49 + }
1.50 +}
