diff options
Diffstat (limited to 'testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py')
| -rw-r--r-- | testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py b/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py new file mode 100644 index 0000000000..89a0451dd4 --- /dev/null +++ b/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py @@ -0,0 +1,12 @@ +def main(request, response): + if request.method == u"OPTIONS" and request.cookies.get(b"foo"): + response.status = 400 + else: + response.headers.set(b"Cache-Control", b"no-store") + response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"origin")) + response.headers.set(b"Access-Control-Allow-Credentials", b"true") + response.headers.set(b"Access-Control-Allow-Headers", b"X-Proprietary-Header") + response.headers.set(b"Connection", b"close") + + if request.cookies.get(b"foo"): + response.content = request.cookies[b"foo"].value |