path: root/dom/security/test/https-only/hsts_headers.sjs
/* Any copyright is dedicated to the Public Domain.
 * http://creativecommons.org/publicdomain/zero/1.0/ */

/**
 * Server-side handler that answers every request with a
 * Strict-Transport-Security header.
 *
 * Two modes, selected by the raw query string:
 *   - "reset": replies with `max-age=0`. An HSTS max-age of zero tells the
 *     client to drop its stored policy for this host, so state from one test
 *     does not leak into the next.
 *   - anything else: replies with a short-lived policy (`max-age=60`), an
 *     uncached HTML page, and a CSP `upgrade-insecure-requests` directive.
 *
 * NOTE(review): clients only honor Strict-Transport-Security when it arrives
 * over a secure connection, so this handler presumably has to be requested
 * via https:// for either mode to take effect — confirm against the tests
 * that load it.
 *
 * @param {object} request  - provides `queryString` and `httpVersion`.
 * @param {object} response - provides `setStatusLine`, `setHeader`, `write`.
 */
function handleRequest(request, response) {
  const HSTS_HEADER = "Strict-Transport-Security";
  const wantsReset = request.queryString === "reset";

  if (!wantsReset) {
    // Short max-age keeps the policy from outliving the test run by much.
    response.setHeader(HSTS_HEADER, "max-age=60");

    // The remaining headers are set with merge=false, i.e. they replace any
    // previously set value instead of being appended to it.
    const replacedHeaders = [
      ["Cache-Control", "no-cache"],
      ["Content-Type", "text/html"],
      // Set header for csp upgrade
      ["Content-Security-Policy", "upgrade-insecure-requests"],
    ];
    for (const [headerName, headerValue] of replacedHeaders) {
      response.setHeader(headerName, headerValue, false);
    }

    response.setStatusLine(request.httpVersion, 200);
    response.write("<!DOCTYPE html><html><body><h1>Ok!</h1></body></html>");
    return;
  }

  // Reset the HSTS policy, prevent influencing other tests
  response.setStatusLine(request.httpVersion, 200, "OK");
  response.setHeader(HSTS_HEADER, "max-age=0");
  response.write("Resetting HSTS");
}