The Tor Browser / file revision

content/base/test/file_x-frame-options_page.sjs@6474c204b198

content/base/test/file_x-frame-options_page.sjs

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 // SJS file for X-Frame-Options mochitests

     2 function handleRequest(request, response)

     3 {

     4   var query = {};

     5   var BOUNDARY = "BOUNDARYOMG3984";

     6   request.queryString.split('&').forEach(function (val) {

     7     var [name, value] = val.split('=');

     8     query[name] = unescape(value);

     9   });

    10 

    11   if (query['multipart'] == "1") {

    12     response.setHeader("Content-Type", "multipart/x-mixed-replace;boundary=" + BOUNDARY, false);

    13     response.setHeader("Cache-Control", "no-cache", false);

    14     response.setStatusLine(request.httpVersion, 200, "OK");

    15     response.write("--" + BOUNDARY + "\r\n");

    16     response.write("Content-Type: text/html\r\n\r\n");

    17   } else {

    18     response.setHeader("Content-Type", "text/html", false);

    19     response.setHeader("Cache-Control", "no-cache", false);

    20   }

    21 

    22   var testHeaders = {

    23     "deny": "DENY",

    24     "sameorigin": "SAMEORIGIN",

    25     "sameorigin2": "SAMEORIGIN, SAMEORIGIN",

    26     "sameorigin3": "SAMEORIGIN,SAMEORIGIN , SAMEORIGIN",

    27     "mixedpolicy": "DENY,SAMEORIGIN",

    28 

    29     /* added for bug 836132 */

    30     "afa": "ALLOW-FROM http://mochi.test:8888/",

    31     "afd": "ALLOW-FROM http://example.com/",

    32     "afa1": "ALLOW-FROM http://mochi.test:8888",

    33     "afd1": "ALLOW-FROM:example.com",

    34     "afd2": "ALLOW-FROM: example.com",

    35     "afd3": "ALLOW-FROM example.com",

    36     "afd4": "ALLOW-FROM:http://example.com",

    37     "afd5": "ALLOW-FROM: http://example.com",

    38     "afd6": "ALLOW-FROM http://example.com",

    39     "afd7": "ALLOW-FROM:mochi.test:8888",

    40     "afd8": "ALLOW-FROM: mochi.test:8888",

    41     "afd9": "ALLOW-FROM:http://mochi.test:8888",

    42     "afd10": "ALLOW-FROM: http://mochi.test:8888",

    43     "afd11": "ALLOW-FROM mochi.test:8888",

    44     "afd12": "ALLOW-FROM",

    45     "afd13": "ALLOW-FROM ",

    46     "afd14": "ALLOW-FROM:"

    47   };

    48 

    49   if (testHeaders.hasOwnProperty(query['xfo'])) {

    50     response.setHeader("X-Frame-Options", testHeaders[query['xfo']], false);

    51   }

    52 

    53   // from the test harness we'll be checking for the presence of this element

    54   // to test if the page loaded

    55   response.write("<h1 id=\"test\">" + query["testid"] + "</h1>");

    56 

    57   if (query['multipart'] == "1") {

    58     response.write("\r\n--" + BOUNDARY + "\r\n");

    59   }

    60 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial