testing/web-platform/tests/fledge/tentative/resources/fledge_http_server_util.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

"""Utility functions shared across multiple endpoints."""


def headers_to_ascii(headers):
  """Converts a header map with binary values to one with ASCII values.

  Takes a map of header names to list of values that are all binary strings
  and returns an otherwise identical map where keys and values have both been
  converted to ASCII strings.

  Args:
    headers: header map from binary key to binary value

  Returns header map from ASCII string key to ASCII string value
  """
  header_map = {}
  for pair in headers.items():
      values = []
      for value in pair[1]:
          values.append(value.decode("ASCII"))
      header_map[pair[0].decode("ASCII")] = values
  return header_map


def handle_cors_headers_and_preflight(request, response):
  """Applies CORS logic common to many entrypoints.

  Args:
    request: the wptserve Request that was passed to main
    response: the wptserve Response that was passed to main

  Returns True if the request is a CORS preflight, which is entirely handled by
  this function, so that the calling function should immediately return.
  """
  # Append CORS headers if needed
  if b"origin" in request.headers:
    response.headers.set(b"Access-Control-Allow-Origin",
                        request.headers.get(b"origin"))

  if b"credentials" in request.headers:
    response.headers.set(b"Access-Control-Allow-Credentials",
                        request.headers.get(b"credentials"))

  # Handle CORS preflight requests.
  if not request.method == u"OPTIONS":
    return False

  if not b"Access-Control-Request-Method" in request.headers:
    response.status = (400, b"Bad Request")
    response.headers.set(b"Content-Type", b"text/plain")
    response.content = "Failed to get access-control-request-method in preflight!"
    return True

  if not b"Access-Control-Request-Headers" in request.headers:
    response.status = (400, b"Bad Request")
    response.headers.set(b"Content-Type", b"text/plain")
    response.content = "Failed to get access-control-request-headers in preflight!"
    return True

  response.headers.set(b"Access-Control-Allow-Methods",
                        request.headers[b"Access-Control-Request-Method"])

  response.headers.set(b"Access-Control-Allow-Headers",
                        request.headers[b"Access-Control-Request-Headers"])

  response.status = (204, b"No Content")
  return True