From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 19:32:43 +0200
Subject: Adding upstream version 1:115.7.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 browser/base/content/test/about/csp_iframe.sjs | 33 ++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 browser/base/content/test/about/csp_iframe.sjs

(limited to 'browser/base/content/test/about/csp_iframe.sjs')

diff --git a/browser/base/content/test/about/csp_iframe.sjs b/browser/base/content/test/about/csp_iframe.sjs
new file mode 100644
index 0000000000..f53ed8498f
--- /dev/null
+++ b/browser/base/content/test/about/csp_iframe.sjs
@@ -0,0 +1,33 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+function handleRequest(request, response) {
+  // let's enjoy the amazing CSP setting
+  response.setHeader(
+    "Content-Security-Policy",
+    "frame-ancestors 'self'",
+    false
+  );
+
+  // let's avoid caching issues
+  response.setHeader("Pragma", "no-cache");
+  response.setHeader("Cache-Control", "no-cache", false);
+
+  // everything is fine - no needs to worry :)
+  response.setStatusLine(request.httpVersion, 200);
+  response.setHeader("Content-Type", "text/html", false);
+  let txt = "<html><body><h1>CSP Page opened in new window!</h1></body></html>";
+  response.write(txt);
+
+  let cookie = request.hasHeader("Cookie")
+    ? request.getHeader("Cookie")
+    : "<html><body>" +
+      "<h2 id='strictCookie'>No same site strict cookie header</h2>" +
+      "</body></html>";
+  response.write(cookie);
+
+  if (!request.hasHeader("Cookie")) {
+    let strictCookie = `matchaCookie=green; Domain=.example.org; SameSite=Strict`;
+    response.setHeader("Set-Cookie", strictCookie);
+  }
+}
-- 
cgit v1.2.3