summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py')
-rw-r--r--testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py12
1 files changed, 12 insertions, 0 deletions
diff --git a/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py b/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py
new file mode 100644
index 0000000000..89a0451dd4
--- /dev/null
+++ b/testing/web-platform/tests/xhr/resources/access-control-preflight-request-must-not-contain-cookie.py
@@ -0,0 +1,12 @@
+def main(request, response):
+ if request.method == u"OPTIONS" and request.cookies.get(b"foo"):
+ response.status = 400
+ else:
+ response.headers.set(b"Cache-Control", b"no-store")
+ response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"origin"))
+ response.headers.set(b"Access-Control-Allow-Credentials", b"true")
+ response.headers.set(b"Access-Control-Allow-Headers", b"X-Proprietary-Header")
+ response.headers.set(b"Connection", b"close")
+
+ if request.cookies.get(b"foo"):
+ response.content = request.cookies[b"foo"].value