michael@0: const CC = Components.Constructor; michael@0: const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1", michael@0: "nsIBinaryInputStream", michael@0: "setInputStream"); michael@0: michael@0: function handleRequest(request, response) michael@0: { michael@0: var query = {}; michael@0: request.queryString.split('&').forEach(function (val) { michael@0: var [name, value] = val.split('='); michael@0: query[name] = unescape(value); michael@0: }); michael@0: michael@0: var isPreflight = request.method == "OPTIONS"; michael@0: michael@0: var bodyStream = new BinaryInputStream(request.bodyInputStream); michael@0: var bodyBytes = []; michael@0: while ((bodyAvail = bodyStream.available()) > 0) michael@0: Array.prototype.push.apply(bodyBytes, bodyStream.readByteArray(bodyAvail)); michael@0: michael@0: var body = decodeURIComponent( michael@0: escape(String.fromCharCode.apply(null, bodyBytes))); michael@0: michael@0: // Check that request was correct michael@0: michael@0: if (!isPreflight && query.body && body != query.body) { michael@0: sendHttp500(response, "Wrong body. Expected " + query.body + " got " + michael@0: body); michael@0: return; michael@0: } michael@0: michael@0: if (!isPreflight && "headers" in query) { michael@0: headers = eval(query.headers); michael@0: for(headerName in headers) { michael@0: // Content-Type is changed if there was a body michael@0: if (!(headerName == "Content-Type" && body) && michael@0: request.getHeader(headerName) != headers[headerName]) { michael@0: sendHttp500(response, michael@0: "Header " + headerName + " had wrong value. Expected " + michael@0: headers[headerName] + " got " + request.getHeader(headerName)); michael@0: return; michael@0: } michael@0: } michael@0: } michael@0: michael@0: if (isPreflight && "requestHeaders" in query && michael@0: request.getHeader("Access-Control-Request-Headers") != query.requestHeaders) { michael@0: sendHttp500(response, michael@0: "Access-Control-Request-Headers had wrong value. Expected " + michael@0: query.requestHeaders + " got " + michael@0: request.getHeader("Access-Control-Request-Headers")); michael@0: return; michael@0: } michael@0: michael@0: if (isPreflight && "requestMethod" in query && michael@0: request.getHeader("Access-Control-Request-Method") != query.requestMethod) { michael@0: sendHttp500(response, michael@0: "Access-Control-Request-Method had wrong value. Expected " + michael@0: query.requestMethod + " got " + michael@0: request.getHeader("Access-Control-Request-Method")); michael@0: return; michael@0: } michael@0: michael@0: if ("origin" in query && request.getHeader("Origin") != query.origin) { michael@0: sendHttp500(response, michael@0: "Origin had wrong value. Expected " + query.origin + " got " + michael@0: request.getHeader("Origin")); michael@0: return; michael@0: } michael@0: michael@0: if ("cookie" in query) { michael@0: cookies = {}; michael@0: request.getHeader("Cookie").split(/ *; */).forEach(function (val) { michael@0: var [name, value] = val.split('='); michael@0: cookies[name] = unescape(value); michael@0: }); michael@0: michael@0: query.cookie.split(",").forEach(function (val) { michael@0: var [name, value] = val.split('='); michael@0: if (cookies[name] != value) { michael@0: sendHttp500(response, michael@0: "Cookie " + name + " had wrong value. Expected " + value + michael@0: " got " + cookies[name]); michael@0: return; michael@0: } michael@0: }); michael@0: } michael@0: michael@0: if ("noCookie" in query && request.hasHeader("Cookie")) { michael@0: sendHttp500(response, michael@0: "Got cookies when didn't expect to: " + request.getHeader("Cookie")); michael@0: return; michael@0: } michael@0: michael@0: // Send response michael@0: michael@0: if (query.hop) { michael@0: query.hop = parseInt(query.hop, 10); michael@0: hops = eval(query.hops); michael@0: query.allowOrigin = hops[query.hop-1].allowOrigin; michael@0: query.allowHeaders = hops[query.hop-1].allowHeaders; michael@0: } michael@0: michael@0: if (!isPreflight && query.status) { michael@0: response.setStatusLine(null, query.status, query.statusMessage); michael@0: } michael@0: if (isPreflight && query.preflightStatus) { michael@0: response.setStatusLine(null, query.preflightStatus, "preflight status"); michael@0: } michael@0: michael@0: if (query.allowOrigin && (!isPreflight || !query.noAllowPreflight)) michael@0: response.setHeader("Access-Control-Allow-Origin", query.allowOrigin); michael@0: michael@0: if (query.allowCred) michael@0: response.setHeader("Access-Control-Allow-Credentials", "true"); michael@0: michael@0: if (query.setCookie) michael@0: response.setHeader("Set-Cookie", query.setCookie + "; path=/"); michael@0: michael@0: if (isPreflight) { michael@0: if (query.allowHeaders) michael@0: response.setHeader("Access-Control-Allow-Headers", query.allowHeaders); michael@0: michael@0: if (query.allowMethods) michael@0: response.setHeader("Access-Control-Allow-Methods", query.allowMethods); michael@0: } michael@0: else { michael@0: if (query.responseHeaders) { michael@0: let responseHeaders = eval(query.responseHeaders); michael@0: for (let responseHeader in responseHeaders) { michael@0: response.setHeader(responseHeader, responseHeaders[responseHeader]); michael@0: } michael@0: } michael@0: michael@0: if (query.exposeHeaders) michael@0: response.setHeader("Access-Control-Expose-Headers", query.exposeHeaders); michael@0: } michael@0: michael@0: if (query.hop && query.hop < hops.length) { michael@0: newURL = hops[query.hop].server + michael@0: "/tests/content/base/test/file_CrossSiteXHR_server.sjs?" + michael@0: "hop=" + (query.hop + 1) + "&hops=" + query.hops; michael@0: response.setStatusLine(null, 307, "redirect"); michael@0: response.setHeader("Location", newURL); michael@0: michael@0: return; michael@0: } michael@0: michael@0: // Send response body michael@0: if (!isPreflight && request.method != "HEAD") { michael@0: response.setHeader("Content-Type", "application/xml", false); michael@0: response.write("hello pass\n"); michael@0: } michael@0: if (isPreflight && "preflightBody" in query) { michael@0: response.setHeader("Content-Type", "text/plain", false); michael@0: response.write(query.preflightBody); michael@0: } michael@0: } michael@0: michael@0: function sendHttp500(response, text) { michael@0: response.setStatusLine(null, 500, text); michael@0: }