// SJS file for X-Frame-Options mochitests
function handleRequest(request, response) {
var query = {};
var BOUNDARY = "BOUNDARYOMG3984";
request.queryString.split("&").forEach(function (val) {
var [name, value] = val.split("=");
query[name] = unescape(value);
});
if (query.multipart == "1") {
response.setHeader(
"Content-Type",
"multipart/x-mixed-replace;boundary=" + BOUNDARY,
false
);
response.setHeader("Cache-Control", "no-cache", false);
response.setStatusLine(request.httpVersion, 200, "OK");
response.write("--" + BOUNDARY + "\r\n");
response.write("Content-Type: text/html\r\n\r\n");
} else {
response.setHeader("Content-Type", "text/html", false);
response.setHeader("Cache-Control", "no-cache", false);
}
var testHeaders = {
deny: "DENY",
sameorigin: "SAMEORIGIN",
sameorigin2: "SAMEORIGIN, SAMEORIGIN",
sameorigin3: "SAMEORIGIN,SAMEORIGIN , SAMEORIGIN",
mixedpolicy: "DENY,SAMEORIGIN",
/* added for bug 836132 */
afa: "ALLOW-FROM http://mochi.test:8888/",
afd: "ALLOW-FROM http://example.com/",
afa1: "ALLOW-FROM http://mochi.test:8888",
afd1: "ALLOW-FROM:example.com",
afd2: "ALLOW-FROM: example.com",
afd3: "ALLOW-FROM example.com",
afd4: "ALLOW-FROM:http://example.com",
afd5: "ALLOW-FROM: http://example.com",
afd6: "ALLOW-FROM http://example.com",
afd7: "ALLOW-FROM:mochi.test:8888",
afd8: "ALLOW-FROM: mochi.test:8888",
afd9: "ALLOW-FROM:http://mochi.test:8888",
afd10: "ALLOW-FROM: http://mochi.test:8888",
afd11: "ALLOW-FROM mochi.test:8888",
afd12: "ALLOW-FROM",
afd13: "ALLOW-FROM ",
afd14: "ALLOW-FROM:",
};
if (testHeaders.hasOwnProperty(query.xfo)) {
response.setHeader("X-Frame-Options", testHeaders[query.xfo], false);
}
// from the test harness we'll be checking for the presence of this element
// to test if the page loaded
response.write('' + query.testid + "
");
if (query.testid == "postmessage") {
response.write("");
}
if (query.multipart == "1") {
response.write("\r\n--" + BOUNDARY + "\r\n");
}
}