From 6bf0a5cb5034a7e684dcc3500e841785237ce2dd Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 19:32:43 +0200 Subject: Adding upstream version 1:115.7.0. Signed-off-by: Daniel Baumann --- browser/base/content/test/about/xfo_iframe.sjs | 34 ++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 browser/base/content/test/about/xfo_iframe.sjs (limited to 'browser/base/content/test/about/xfo_iframe.sjs') diff --git a/browser/base/content/test/about/xfo_iframe.sjs b/browser/base/content/test/about/xfo_iframe.sjs new file mode 100644 index 0000000000..e8a6352ce0 --- /dev/null +++ b/browser/base/content/test/about/xfo_iframe.sjs @@ -0,0 +1,34 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +function handleRequest(request, response) { + // let's enjoy the amazing XFO setting + response.setHeader("X-Frame-Options", "SAMEORIGIN"); + + // let's avoid caching issues + response.setHeader("Pragma", "no-cache"); + response.setHeader("Cache-Control", "no-cache", false); + + // everything is fine - no needs to worry :) + response.setStatusLine(request.httpVersion, 200); + + response.setHeader("Content-Type", "text/html", false); + let txt = + "XFO page" + + "

" + + "XFO blocked page opened in new window!" + + "

"; + response.write(txt); + + let cookie = request.hasHeader("Cookie") + ? request.getHeader("Cookie") + : "" + + "

No same site strict cookie header

" + + ""; + response.write(cookie); + + if (!request.hasHeader("Cookie")) { + let strictCookie = `matchaCookie=creamy; Domain=.example.org; SameSite=Strict`; + response.setHeader("Set-Cookie", strictCookie); + } +} -- cgit v1.2.3