forked from mozilla/gecko-dev
-
Notifications
You must be signed in to change notification settings - Fork 2
/
file_x-frame-options_page.sjs
39 lines (36 loc) · 1.38 KB
/
file_x-frame-options_page.sjs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
// SJS file for X-Frame-Options mochitests
function handleRequest(request, response)
{
var query = {};
request.queryString.split('&').forEach(function (val) {
var [name, value] = val.split('=');
query[name] = unescape(value);
});
response.setHeader("Cache-Control", "no-cache", false);
response.setHeader("Content-Type", "text/html", false);
// X-Frame-Options header value
if (query['xfo'] == "deny") {
response.setHeader("X-Frame-Options", "DENY", false);
}
else if (query['xfo'] == "sameorigin") {
response.setHeader("X-Frame-Options", "SAMEORIGIN", false);
}
else if (query['xfo'] == "sameorigin2") {
response.setHeader("X-Frame-Options", "SAMEORIGIN, SAMEORIGIN", false);
}
else if (query['xfo'] == "sameorigin3") {
response.setHeader("X-Frame-Options", "SAMEORIGIN,SAMEORIGIN , SAMEORIGIN", false);
}
else if (query['xfo'] == "mixedpolicy") {
response.setHeader("X-Frame-Options", "DENY,SAMEORIGIN", false);
}
else if (query['xfo'] == "afa") {
response.setHeader("X-Frame-Options", "ALLOW-FROM http://mochi.test:8888/", false);
}
else if (query['xfo'] == "afd") {
response.setHeader("X-Frame-Options", "ALLOW-FROM http://example.com/", false);
}
// from the test harness we'll be checking for the presence of this element
// to test if the page loaded
response.write("<h1 id=\"test\">" + query["testid"] + "</h1>");
}