summaryrefslogtreecommitdiffstats
path: root/dom/base/test/file_x-frame-options_page.sjs
diff options
context:
space:
mode:
Diffstat (limited to 'dom/base/test/file_x-frame-options_page.sjs')
-rw-r--r--dom/base/test/file_x-frame-options_page.sjs67
1 files changed, 67 insertions, 0 deletions
diff --git a/dom/base/test/file_x-frame-options_page.sjs b/dom/base/test/file_x-frame-options_page.sjs
new file mode 100644
index 0000000000..13c9aa7cac
--- /dev/null
+++ b/dom/base/test/file_x-frame-options_page.sjs
@@ -0,0 +1,67 @@
+// SJS file for X-Frame-Options mochitests
+function handleRequest(request, response) {
+ var query = {};
+ var BOUNDARY = "BOUNDARYOMG3984";
+ request.queryString.split("&").forEach(function (val) {
+ var [name, value] = val.split("=");
+ query[name] = unescape(value);
+ });
+
+ if (query.multipart == "1") {
+ response.setHeader(
+ "Content-Type",
+ "multipart/x-mixed-replace;boundary=" + BOUNDARY,
+ false
+ );
+ response.setHeader("Cache-Control", "no-cache", false);
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.write("--" + BOUNDARY + "\r\n");
+ response.write("Content-Type: text/html\r\n\r\n");
+ } else {
+ response.setHeader("Content-Type", "text/html", false);
+ response.setHeader("Cache-Control", "no-cache", false);
+ }
+
+ var testHeaders = {
+ deny: "DENY",
+ sameorigin: "SAMEORIGIN",
+ sameorigin2: "SAMEORIGIN, SAMEORIGIN",
+ sameorigin3: "SAMEORIGIN,SAMEORIGIN , SAMEORIGIN",
+ mixedpolicy: "DENY,SAMEORIGIN",
+
+ /* added for bug 836132 */
+ afa: "ALLOW-FROM http://mochi.test:8888/",
+ afd: "ALLOW-FROM http://example.com/",
+ afa1: "ALLOW-FROM http://mochi.test:8888",
+ afd1: "ALLOW-FROM:example.com",
+ afd2: "ALLOW-FROM: example.com",
+ afd3: "ALLOW-FROM example.com",
+ afd4: "ALLOW-FROM:http://example.com",
+ afd5: "ALLOW-FROM: http://example.com",
+ afd6: "ALLOW-FROM http://example.com",
+ afd7: "ALLOW-FROM:mochi.test:8888",
+ afd8: "ALLOW-FROM: mochi.test:8888",
+ afd9: "ALLOW-FROM:http://mochi.test:8888",
+ afd10: "ALLOW-FROM: http://mochi.test:8888",
+ afd11: "ALLOW-FROM mochi.test:8888",
+ afd12: "ALLOW-FROM",
+ afd13: "ALLOW-FROM ",
+ afd14: "ALLOW-FROM:",
+ };
+
+ if (testHeaders.hasOwnProperty(query.xfo)) {
+ response.setHeader("X-Frame-Options", testHeaders[query.xfo], false);
+ }
+
+ // from the test harness we'll be checking for the presence of this element
+ // to test if the page loaded
+ response.write('<h1 id="test">' + query.testid + "</h1>");
+
+ if (query.testid == "postmessage") {
+ response.write("<script>parent.opener.postMessage('ok', '*');</script>");
+ }
+
+ if (query.multipart == "1") {
+ response.write("\r\n--" + BOUNDARY + "\r\n");
+ }
+}