summaryrefslogtreecommitdiffstats
path: root/dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs
diff options
context:
space:
mode:
Diffstat (limited to 'dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs')
-rw-r--r--dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs59
1 files changed, 59 insertions, 0 deletions
diff --git a/dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs b/dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs
new file mode 100644
index 0000000000..c8e3243101
--- /dev/null
+++ b/dom/security/test/cors/file_CrossSiteXHR_cache_server.sjs
@@ -0,0 +1,59 @@
+function handleRequest(request, response) {
+ var query = {};
+ request.queryString.split("&").forEach(function (val) {
+ var [name, value] = val.split("=");
+ query[name] = unescape(value);
+ });
+
+ if ("setState" in query) {
+ setState(
+ "test/dom/security/test_CrossSiteXHR_cache:secData",
+ query.setState
+ );
+
+ response.setHeader("Cache-Control", "no-cache", false);
+ response.setHeader("Content-Type", "text/plain", false);
+ response.write("hi");
+
+ return;
+ }
+
+ var isPreflight = request.method == "OPTIONS";
+
+ // Send response
+
+ secData = JSON.parse(
+ getState("test/dom/security/test_CrossSiteXHR_cache:secData")
+ );
+
+ if (secData.allowOrigin) {
+ response.setHeader("Access-Control-Allow-Origin", secData.allowOrigin);
+ }
+
+ if (secData.withCred) {
+ response.setHeader("Access-Control-Allow-Credentials", "true");
+ }
+
+ if (isPreflight) {
+ if (secData.allowHeaders) {
+ response.setHeader("Access-Control-Allow-Headers", secData.allowHeaders);
+ }
+
+ if (secData.allowMethods) {
+ response.setHeader("Access-Control-Allow-Methods", secData.allowMethods);
+ }
+
+ if (secData.cacheTime) {
+ response.setHeader(
+ "Access-Control-Max-Age",
+ secData.cacheTime.toString()
+ );
+ }
+
+ return;
+ }
+
+ response.setHeader("Cache-Control", "no-cache", false);
+ response.setHeader("Content-Type", "application/xml", false);
+ response.write("<res>hello pass</res>\n");
+}