From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 02:47:55 +0200
Subject: Adding upstream version 124.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../test/https-only/file_redirect_to_insecure.sjs        | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 dom/security/test/https-only/file_redirect_to_insecure.sjs

(limited to 'dom/security/test/https-only/file_redirect_to_insecure.sjs')

diff --git a/dom/security/test/https-only/file_redirect_to_insecure.sjs b/dom/security/test/https-only/file_redirect_to_insecure.sjs
new file mode 100644
index 0000000000..ea88223926
--- /dev/null
+++ b/dom/security/test/https-only/file_redirect_to_insecure.sjs
@@ -0,0 +1,16 @@
+// Redirect back to http if visited via https. This way we can simulate
+// a site which can not be upgraded by HTTPS-Only.
+
+function handleRequest(request, response) {
+  response.setHeader("Cache-Control", "no-cache", false);
+  if (request.scheme === "https") {
+    response.setStatusLine(request.httpVersion, "302", "Found");
+    response.setHeader(
+      "Location",
+      // We explicitly want a insecure URL here, so disable eslint
+      // eslint-disable-next-line @microsoft/sdl/no-insecure-url
+      `http://${request.host}${request.path}`,
+      false
+    );
+  }
+}
-- 
cgit v1.2.3