summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/cors/resources
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/cors/resources')
-rw-r--r--testing/web-platform/tests/cors/resources/.gitignore1
-rw-r--r--testing/web-platform/tests/cors/resources/checkandremove.py6
-rw-r--r--testing/web-platform/tests/cors/resources/cors-cookie.py21
-rw-r--r--testing/web-platform/tests/cors/resources/cors-headers.asis24
-rw-r--r--testing/web-platform/tests/cors/resources/cors-makeheader.py67
-rw-r--r--testing/web-platform/tests/cors/resources/preflight.py35
-rw-r--r--testing/web-platform/tests/cors/resources/remote-xhrer.html28
-rw-r--r--testing/web-platform/tests/cors/resources/status.py37
8 files changed, 219 insertions, 0 deletions
diff --git a/testing/web-platform/tests/cors/resources/.gitignore b/testing/web-platform/tests/cors/resources/.gitignore
new file mode 100644
index 000000000..7b987d036
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/.gitignore
@@ -0,0 +1 @@
+logs.txt
diff --git a/testing/web-platform/tests/cors/resources/checkandremove.py b/testing/web-platform/tests/cors/resources/checkandremove.py
new file mode 100644
index 000000000..f713d990a
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/checkandremove.py
@@ -0,0 +1,6 @@
+def main(request, response):
+ token = request.GET.first("token")
+ if request.server.stash.remove(token) is not None:
+ return "1"
+ else:
+ return "0"
diff --git a/testing/web-platform/tests/cors/resources/cors-cookie.py b/testing/web-platform/tests/cors/resources/cors-cookie.py
new file mode 100644
index 000000000..76fa6c165
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/cors-cookie.py
@@ -0,0 +1,21 @@
+
+def main(request, response):
+ origin = request.GET.first("origin", request.headers["origin"])
+ credentials = request.GET.first("credentials", "true")
+
+ headers = [("Content-Type", "text/plain")]
+ if origin != 'none':
+ headers.append(("Access-Control-Allow-Origin", origin))
+ if credentials != 'none':
+ headers.append(("Access-Control-Allow-Credentials", credentials))
+
+ ident = request.GET.first('ident', 'test')
+
+ if ident in request.cookies:
+ body = request.cookies[ident].value
+ response.delete_cookie(ident)
+ else:
+ response.set_cookie(ident, "COOKIE");
+ body = "NO_COOKIE"
+
+ return headers, body
diff --git a/testing/web-platform/tests/cors/resources/cors-headers.asis b/testing/web-platform/tests/cors/resources/cors-headers.asis
new file mode 100644
index 000000000..ce21245f1
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/cors-headers.asis
@@ -0,0 +1,24 @@
+HTTP/1.1 200 OK
+Access-Control-Allow-Origin: *
+Access-Control-Expose-Headers: X-Custom-Header, X-Custom-Header-Empty, X-Custom-Header-Comma, X-Custom-Header-Bytes
+Access-Control-Expose-Headers: X-Second-Expose
+Access-Control-Expose-Headers: Date
+Content-Type: text/plain
+X-Custom-Header: test
+X-Custom-Header: test
+Set-Cookie: test1=t1;max-age=2
+Set-Cookie2: test2=t2;Max-Age=2
+X-Custom-Header-Empty:
+X-Custom-Header-Comma: 1
+X-Custom-Header-Comma: 2
+X-Custom-Header-Bytes: …
+X-Nonexposed: unicorn
+X-Second-Expose: flyingpig
+Cache-Control: no-cache
+Content-Language: nn
+Expires: Thu, 01 Dec 1994 16:00:00 GMT
+Last-Modified: Thu, 01 Dec 1994 10:00:00 GMT
+Pragma: no-cache
+Date: Wed, 22 Oct 2013 10:00:00 GMT
+
+TEST
diff --git a/testing/web-platform/tests/cors/resources/cors-makeheader.py b/testing/web-platform/tests/cors/resources/cors-makeheader.py
new file mode 100644
index 000000000..eab35eedf
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/cors-makeheader.py
@@ -0,0 +1,67 @@
+import json
+
+def main(request, response):
+ origin = request.GET.first("origin", request.headers.get('origin'))
+
+ if "check" in request.GET:
+ token = request.GET.first("token")
+ value = request.server.stash.take(token)
+ if value is not None:
+ if request.GET.first("check", None) == "keep":
+ request.server.stash.put(token, value)
+ body = "1"
+ else:
+ body = "0"
+ return [("Content-Type", "text/plain")], body
+
+
+ if origin != 'none':
+ response.headers.set("Access-Control-Allow-Origin", origin)
+ if 'origin2' in request.GET:
+ response.headers.append("Access-Control-Allow-Origin", request.GET.first('origin2'))
+
+ #Preflight
+ if 'headers' in request.GET:
+ response.headers.set("Access-Control-Allow-Headers", request.GET.first('headers'))
+ if 'credentials' in request.GET:
+ response.headers.set("Access-Control-Allow-Credentials", request.GET.first('credentials'))
+ if 'methods' in request.GET:
+ response.headers.set("Access-Control-Allow-Methods", request.GET.first('methods'))
+
+ code_raw = request.GET.first('code', None)
+ if code_raw:
+ code = int(code_raw)
+ else:
+ code = None
+ if request.method == 'OPTIONS':
+ #Override the response code if we're in a preflight and it's asked
+ if 'preflight' in request.GET:
+ code = int(request.GET.first('preflight'))
+
+ #Log that the preflight actually happened if we have an ident
+ if 'token' in request.GET:
+ request.server.stash.put(request.GET['token'], True)
+
+ if 'location' in request.GET:
+ if code is None:
+ code = 302
+
+ if code >= 300 and code < 400:
+ response.headers.set("Location", request.GET.first('location'))
+
+ headers = {}
+ for name, values in request.headers.iteritems():
+ if len(values) == 1:
+ headers[name] = values[0]
+ else:
+ #I have no idea, really
+ headers[name] = values
+
+ headers['get_value'] = request.GET.first('get_value', '')
+
+ body = json.dumps(headers)
+
+ if code:
+ return (code, "StatusText"), [], body
+ else:
+ return body
diff --git a/testing/web-platform/tests/cors/resources/preflight.py b/testing/web-platform/tests/cors/resources/preflight.py
new file mode 100644
index 000000000..978e97c5d
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/preflight.py
@@ -0,0 +1,35 @@
+def main(request, response):
+ headers = [("Content-Type", "text/plain")]
+
+ if "check" in request.GET:
+ token = request.GET.first("token")
+ value = request.server.stash.take(token)
+ if value == None:
+ body = "0"
+ else:
+ if request.GET.first("check", None) == "keep":
+ request.server.stash.put(token, value)
+ body = "1"
+
+ return headers, body
+
+ if request.method == "OPTIONS":
+ if not "Access-Control-Request-Method" in request.headers:
+ response.set_error(400, "No Access-Control-Request-Method header")
+ return "ERROR: No access-control-request-method in preflight!"
+
+ headers.append(("Access-Control-Allow-Methods",
+ request.headers['Access-Control-Request-Method']))
+
+ if "max_age" in request.GET:
+ headers.append(("Access-Control-Max-Age", request.GET['max_age']))
+
+ if "token" in request.GET:
+ request.server.stash.put(request.GET.first("token"), 1)
+
+ headers.append(("Access-Control-Allow-Origin", "*"))
+ headers.append(("Access-Control-Allow-Headers", "x-print"))
+
+ body = request.headers.get("x-print", "NO")
+
+ return headers, body
diff --git a/testing/web-platform/tests/cors/resources/remote-xhrer.html b/testing/web-platform/tests/cors/resources/remote-xhrer.html
new file mode 100644
index 000000000..73a7cb444
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/remote-xhrer.html
@@ -0,0 +1,28 @@
+<!doctype html>
+<title>Child helper</title>
+
+<script>
+window.addEventListener("message", function(e) {
+// e.source.postMessage(e.data, e.origin);
+
+ var client = new XMLHttpRequest();
+ var localurl = e.data.url
+ .replace("<host>", location.host)
+ .replace("<protocol>", location.protocol);
+
+ client.open('GET', localurl, true);
+ client.onload = function() {
+ e.data.state = "load";
+ e.data.response = client.response;
+ e.source.postMessage(e.data, e.origin);
+ }
+ client.onerror = function() {
+ e.data.state = "error";
+ e.data.response = client.response;
+ e.source.postMessage(e.data, e.origin);
+ }
+ client.send();
+});
+</script>
+
+The remote window
diff --git a/testing/web-platform/tests/cors/resources/status.py b/testing/web-platform/tests/cors/resources/status.py
new file mode 100644
index 000000000..8d441f06e
--- /dev/null
+++ b/testing/web-platform/tests/cors/resources/status.py
@@ -0,0 +1,37 @@
+def main(request, response):
+ response.headers.set("Access-Control-Allow-Origin", request.headers.get("origin") )
+ response.headers.set("Access-Control-Expose-Headers", "X-Request-Method")
+
+ if request.method == 'OPTIONS':
+ response.headers.set("Access-Control-Allow-Methods", "GET, CHICKEN, HEAD, POST, PUT")
+
+ if 'headers' in request.GET:
+ response.headers.set("Access-Control-Allow-Headers", request.GET.first('headers'))
+
+ response.headers.set("X-Request-Method", request.method)
+
+ response.headers.set("X-A-C-Request-Method", request.headers.get("Access-Control-Request-Method", ""));
+
+
+ #This should reasonably work for most response codes.
+ try:
+ code = int(request.GET.first("code", 200))
+ except ValueError:
+ code = 200
+
+ text = request.GET.first("text", "OMG")
+
+ if request.method == "OPTIONS" and "preflight" in request.GET:
+ try:
+ code = int(request.GET.first('preflight'))
+ except KeyError, ValueError:
+ pass
+
+ status = code, text
+
+ if "type" in request.GET:
+ response.headers.set("Content-Type", request.GET.first('type'))
+
+ body = request.GET.first('content', "")
+
+ return status, [], body
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 18:23:32 +0000