content/base/test/file_CrossSiteXHR_server.sjs

Thu, 15 Jan 2015 21:03:48 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 15 Jan 2015 21:03:48 +0100
branch
TOR_BUG_9701
changeset 11
deefc01c0e14
permissions
-rw-r--r--

Integrate friendly tips from Tor colleagues to make (or not) 4.5 alpha 3;
This includes removal of overloaded (but unused) methods, and addition of
an overlooked call to DataStruct::SetData(nsISupports, uint32_t, bool).

     // Shorthand for the XPCOM constructor factory.
     const CC = Components.Constructor;

     // Constructor for a binary input stream; the third argument names the
     // initializer that receives the wrapped stream, so
     // `new BinaryInputStream(stream)` yields a reader bound to `stream`.
     const BinaryInputStream = CC(
       "@mozilla.org/binaryinputstream;1",
       "nsIBinaryInputStream",
       "setInputStream"
     );
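     /**
      * Test-server entry point for the cross-site XHR tests.
      *
      * The query string is the test's control channel: it states what the request
      * is expected to look like (body, headers, Origin, cookies, preflight request
      * headers/method) and what the response should contain (status, CORS headers,
      * Set-Cookie, extra headers, redirect hops). Any expectation that is not met
      * is reported as an HTTP 500 whose status text describes the mismatch.
      *
      * Trust boundary: every value is taken from the URL and is either echoed into
      * response headers / the status line or passed to eval(). That is only
      * acceptable because this file is served by the test harness; it must not be
      * reachable from untrusted clients.
      *
      * @param request  the incoming request (method, queryString, headers, body stream)
      * @param response the response being built (status line, headers, body)
      */
     function handleRequest(request, response)
     {
       // Parse "a=b&c=d" into a map. Values are unescape()d; a pair without "="
       // ends up with the string "undefined" as its value.
       var query = {};
       request.queryString.split('&').forEach(function (val) {
         var [name, value] = val.split('=');
         query[name] = unescape(value);
       });

       var isPreflight = request.method == "OPTIONS";

       // Drain the request body into a byte array.
       var bodyStream = new BinaryInputStream(request.bodyInputStream);
       var bodyBytes = [];
       var bodyAvail;
       while ((bodyAvail = bodyStream.available()) > 0)
         Array.prototype.push.apply(bodyBytes, bodyStream.readByteArray(bodyAvail));

       // Bytes -> binary string -> percent-escapes -> UTF-8 decoded text.
       var body = decodeURIComponent(
         escape(String.fromCharCode.apply(null, bodyBytes)));

       // Check that request was correct

       if (!isPreflight && query.body && body != query.body) {
         sendHttp500(response, "Wrong body. Expected " + query.body + " got " +
           body);
         return;
       }

       if (!isPreflight && "headers" in query) {
         // NOTE(security): eval() of a query-string value executes whatever script
         // the URL carries. The callers presumably send object-literal source
         // rather than strict JSON, which is why JSON.parse is not a drop-in
         // replacement here -- confirm against the tests before changing it.
         var headers = eval(query.headers);
         for (var headerName in headers) {
           // Content-Type is changed if there was a body
           if (!(headerName == "Content-Type" && body) &&
               request.getHeader(headerName) != headers[headerName]) {
             sendHttp500(response,
               "Header " + headerName + " had wrong value. Expected " +
               headers[headerName] + " got " + request.getHeader(headerName));
             return;
           }
         }
       }

       if (isPreflight && "requestHeaders" in query &&
           request.getHeader("Access-Control-Request-Headers") != query.requestHeaders) {
         sendHttp500(response,
           "Access-Control-Request-Headers had wrong value. Expected " +
           query.requestHeaders + " got " +
           request.getHeader("Access-Control-Request-Headers"));
         return;
       }

       if (isPreflight && "requestMethod" in query &&
           request.getHeader("Access-Control-Request-Method") != query.requestMethod) {
         sendHttp500(response,
           "Access-Control-Request-Method had wrong value. Expected " +
           query.requestMethod + " got " +
           request.getHeader("Access-Control-Request-Method"));
         return;
       }

       if ("origin" in query && request.getHeader("Origin") != query.origin) {
         sendHttp500(response,
           "Origin had wrong value. Expected " + query.origin + " got " +
           request.getHeader("Origin"));
         return;
       }

       if ("cookie" in query) {
         var cookies = {};
         request.getHeader("Cookie").split(/ *; */).forEach(function (val) {
           var [name, value] = val.split('=');
           cookies[name] = unescape(value);
         });

         // A plain loop rather than forEach: `return` inside a forEach callback
         // only leaves the callback, so a cookie mismatch used to fall through
         // to the response code below, which could overwrite the 500 status and
         // still write the success body.
         var expectedCookies = query.cookie.split(",");
         for (var i = 0; i < expectedCookies.length; i++) {
           var [cookieName, cookieValue] = expectedCookies[i].split('=');
           if (cookies[cookieName] != cookieValue) {
             sendHttp500(response,
               "Cookie " + cookieName  + " had wrong value. Expected " + cookieValue +
               " got " + cookies[cookieName]);
             return;
           }
         }
       }

       if ("noCookie" in query && request.hasHeader("Cookie")) {
         sendHttp500(response,
           "Got cookies when didn't expect to: " + request.getHeader("Cookie"));
         return;
       }

       // Send response

       // Declared at function scope because the redirect check further down
       // reads it as well.
       var hops;
       if (query.hop) {
          query.hop = parseInt(query.hop, 10);
          // NOTE(security): second eval() of URL-supplied text; same caveat as
          // for query.headers above.
          hops = eval(query.hops);
          query.allowOrigin = hops[query.hop-1].allowOrigin;
          query.allowHeaders = hops[query.hop-1].allowHeaders;
       }

       if (!isPreflight && query.status) {
         response.setStatusLine(null, query.status, query.statusMessage);
       }
       if (isPreflight && query.preflightStatus) {
         response.setStatusLine(null, query.preflightStatus, "preflight status");
       }

       // The CORS response headers below are reflected verbatim from the query
       // string so that a test can ask for any policy it wants to exercise.
       if (query.allowOrigin && (!isPreflight || !query.noAllowPreflight))
         response.setHeader("Access-Control-Allow-Origin", query.allowOrigin);

       if (query.allowCred)
         response.setHeader("Access-Control-Allow-Credentials", "true");

       if (query.setCookie)
         response.setHeader("Set-Cookie", query.setCookie + "; path=/");

       if (isPreflight) {
         if (query.allowHeaders)
           response.setHeader("Access-Control-Allow-Headers", query.allowHeaders);

         if (query.allowMethods)
           response.setHeader("Access-Control-Allow-Methods", query.allowMethods);
       }
       else {
         if (query.responseHeaders) {
           // NOTE(security): third eval() of URL-supplied text; the resulting
           // object's keys and values become response headers as-is.
           let responseHeaders = eval(query.responseHeaders);
           for (let responseHeader in responseHeaders) {
             response.setHeader(responseHeader, responseHeaders[responseHeader]);
           }
         }

         if (query.exposeHeaders)
           response.setHeader("Access-Control-Expose-Headers", query.exposeHeaders);
       }

       // Redirect chain: while hops remain, send a 307 to the next hop's server
       // with the hop counter advanced. The target host comes from the query.
       if (query.hop && query.hop < hops.length) {
         var newURL = hops[query.hop].server +
                      "/tests/content/base/test/file_CrossSiteXHR_server.sjs?" +
                      "hop=" + (query.hop + 1) + "&hops=" + query.hops;
         response.setStatusLine(null, 307, "redirect");
         response.setHeader("Location", newURL);

         return;
       }

       // Send response body
       if (!isPreflight && request.method != "HEAD") {
         response.setHeader("Content-Type", "application/xml", false);
         response.write("<res>hello pass</res>\n");
       }
       if (isPreflight && "preflightBody" in query) {
         response.setHeader("Content-Type", "text/plain", false);
         response.write(query.preflightBody);
       }
     }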
   /**
    * Report a failed expectation to the client as an HTTP 500.
    *
    * @param response the response whose status line is replaced
    * @param text     failure description, used as the status text
    */
   function sendHttp500(response, text) {
     var statusCode = 500;
     response.setStatusLine(null, statusCode, text);
   }
