summaryrefslogtreecommitdiffstats
path: root/dom/base/test/file_x-frame-options_page.sjs
diff options
context:
space:
mode:
Diffstat (limited to 'dom/base/test/file_x-frame-options_page.sjs')
-rw-r--r--dom/base/test/file_x-frame-options_page.sjs64
1 files changed, 64 insertions, 0 deletions
diff --git a/dom/base/test/file_x-frame-options_page.sjs b/dom/base/test/file_x-frame-options_page.sjs
new file mode 100644
index 0000000000..af1a81329c
--- /dev/null
+++ b/dom/base/test/file_x-frame-options_page.sjs
@@ -0,0 +1,64 @@
+// SJS file for X-Frame-Options mochitests
+function handleRequest(request, response)
+{
+ var query = {};
+ var BOUNDARY = "BOUNDARYOMG3984";
+ request.queryString.split('&').forEach(function (val) {
+ var [name, value] = val.split('=');
+ query[name] = unescape(value);
+ });
+
+ if (query['multipart'] == "1") {
+ response.setHeader("Content-Type", "multipart/x-mixed-replace;boundary=" + BOUNDARY, false);
+ response.setHeader("Cache-Control", "no-cache", false);
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.write("--" + BOUNDARY + "\r\n");
+ response.write("Content-Type: text/html\r\n\r\n");
+ } else {
+ response.setHeader("Content-Type", "text/html", false);
+ response.setHeader("Cache-Control", "no-cache", false);
+ }
+
+ var testHeaders = {
+ "deny": "DENY",
+ "sameorigin": "SAMEORIGIN",
+ "sameorigin2": "SAMEORIGIN, SAMEORIGIN",
+ "sameorigin3": "SAMEORIGIN,SAMEORIGIN , SAMEORIGIN",
+ "mixedpolicy": "DENY,SAMEORIGIN",
+
+ /* added for bug 836132 */
+ "afa": "ALLOW-FROM http://mochi.test:8888/",
+ "afd": "ALLOW-FROM http://example.com/",
+ "afa1": "ALLOW-FROM http://mochi.test:8888",
+ "afd1": "ALLOW-FROM:example.com",
+ "afd2": "ALLOW-FROM: example.com",
+ "afd3": "ALLOW-FROM example.com",
+ "afd4": "ALLOW-FROM:http://example.com",
+ "afd5": "ALLOW-FROM: http://example.com",
+ "afd6": "ALLOW-FROM http://example.com",
+ "afd7": "ALLOW-FROM:mochi.test:8888",
+ "afd8": "ALLOW-FROM: mochi.test:8888",
+ "afd9": "ALLOW-FROM:http://mochi.test:8888",
+ "afd10": "ALLOW-FROM: http://mochi.test:8888",
+ "afd11": "ALLOW-FROM mochi.test:8888",
+ "afd12": "ALLOW-FROM",
+ "afd13": "ALLOW-FROM ",
+ "afd14": "ALLOW-FROM:"
+ };
+
+ if (testHeaders.hasOwnProperty(query['xfo'])) {
+ response.setHeader("X-Frame-Options", testHeaders[query['xfo']], false);
+ }
+
+ // from the test harness we'll be checking for the presence of this element
+ // to test if the page loaded
+ response.write("<h1 id=\"test\">" + query["testid"] + "</h1>");
+
+ if (query['testid'] == "postmessage") {
+ response.write("<script>parent.opener.postMessage('ok', '*');</script>");
+ }
+
+ if (query['multipart'] == "1") {
+ response.write("\r\n--" + BOUNDARY + "\r\n");
+ }
+}