2 files changed, 30 insertions, 0 deletions

diff --git a/testing/web-platform/tests/xhr/resources/auth2/auth.py b/testing/web-platform/tests/xhr/resources/auth2/auth.py
new file mode 100644
index 0000000000..db4f7bc4c9
--- /dev/null
+++ b/testing/web-platform/tests/xhr/resources/auth2/auth.py
@@ -0,0 +1,12 @@
+import imp
+import os
+
+from wptserve.utils import isomorphic_decode
+
+here = os.path.dirname(os.path.abspath(isomorphic_decode(__file__)))
+
+def main(request, response):
+    auth = imp.load_source(u"", os.path.join(here,
+                                             u"..",
+                                             u"authentication.py"))
+    return auth.main(request, response)
diff --git a/testing/web-platform/tests/xhr/resources/auth2/corsenabled.py b/testing/web-platform/tests/xhr/resources/auth2/corsenabled.py
new file mode 100644
index 0000000000..bec6687dbe
--- /dev/null
+++ b/testing/web-platform/tests/xhr/resources/auth2/corsenabled.py
@@ -0,0 +1,18 @@
+import imp
+import os
+
+from wptserve.utils import isomorphic_decode
+
+here = os.path.dirname(isomorphic_decode(__file__))
+
+def main(request, response):
+    response.headers.set(b'Access-Control-Allow-Origin', request.headers.get(b"origin"))
+    response.headers.set(b'Access-Control-Allow-Credentials', b'true')
+    response.headers.set(b'Access-Control-Allow-Methods', b'GET')
+    response.headers.set(b'Access-Control-Allow-Headers', b'authorization, x-user, x-pass')
+    response.headers.set(b'Access-Control-Expose-Headers', b'x-challenge, xhr-user, ses-user')
+    auth = imp.load_source(u"", os.path.abspath(os.path.join(here, os.pardir, u"authentication.py")))
+    if request.method == u"OPTIONS":
+        return b""
+    else:
+        return auth.main(request, response)