content/base/test/file_XHR_anon.sjs@97036ab72558
content/base/test/file_XHR_anon.sjs
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
1 function handleRequest(request, response) {
2 let invalidHeaders = ["Cookie"];
3 let headers = {};
5 if (request.queryString == "expectAuth=true") {
6 if (request.hasHeader("Authorization")) {
7 headers["authorization"] = request.getHeader("Authorization");
8 } else {
9 response.setStatusLine(null, 401, "Authentication required");
10 response.setHeader("WWW-Authenticate", "basic realm=\"testrealm\"", true);
11 }
12 } else {
13 invalidHeaders.push("Authorization");
14 }
16 for each (let header in invalidHeaders) {
17 if (request.hasHeader(header)) {
18 response.setStatusLine(null, 500, "Server Error");
19 headers[header.toLowerCase()] = request.getHeader(header);
20 }
21 }
23 response.write(JSON.stringify(headers));
24 }
