diff options
Diffstat (limited to 'dom/security/test/https-only/file_redirect_to_insecure.sjs')
| -rw-r--r-- | dom/security/test/https-only/file_redirect_to_insecure.sjs | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/dom/security/test/https-only/file_redirect_to_insecure.sjs b/dom/security/test/https-only/file_redirect_to_insecure.sjs new file mode 100644 index 0000000000..ea88223926 --- /dev/null +++ b/dom/security/test/https-only/file_redirect_to_insecure.sjs @@ -0,0 +1,16 @@ +// Redirect back to http if visited via https. This way we can simulate +// a site which can not be upgraded by HTTPS-Only. + +function handleRequest(request, response) { + response.setHeader("Cache-Control", "no-cache", false); + if (request.scheme === "https") { + response.setStatusLine(request.httpVersion, "302", "Found"); + response.setHeader( + "Location", + // We explicitly want a insecure URL here, so disable eslint + // eslint-disable-next-line @microsoft/sdl/no-insecure-url + `http://${request.host}${request.path}`, + false + ); + } +} |