file_CrossSiteXHR_cache_server.sjs (1460B)
1 function handleRequest(request, response) { 2 var query = {}; 3 request.queryString.split("&").forEach(function (val) { 4 var [name, value] = val.split("="); 5 query[name] = unescape(value); 6 }); 7 8 if ("setState" in query) { 9 setState( 10 "test/dom/security/test_CrossSiteXHR_cache:secData", 11 query.setState 12 ); 13 14 response.setHeader("Cache-Control", "no-cache", false); 15 response.setHeader("Content-Type", "text/plain", false); 16 response.write("hi"); 17 18 return; 19 } 20 21 var isPreflight = request.method == "OPTIONS"; 22 23 // Send response 24 25 secData = JSON.parse( 26 getState("test/dom/security/test_CrossSiteXHR_cache:secData") 27 ); 28 29 if (secData.allowOrigin) { 30 response.setHeader("Access-Control-Allow-Origin", secData.allowOrigin); 31 } 32 33 if (secData.withCred) { 34 response.setHeader("Access-Control-Allow-Credentials", "true"); 35 } 36 37 if (isPreflight) { 38 if (secData.allowHeaders) { 39 response.setHeader("Access-Control-Allow-Headers", secData.allowHeaders); 40 } 41 42 if (secData.allowMethods) { 43 response.setHeader("Access-Control-Allow-Methods", secData.allowMethods); 44 } 45 46 if (secData.cacheTime) { 47 response.setHeader( 48 "Access-Control-Max-Age", 49 secData.cacheTime.toString() 50 ); 51 } 52 53 return; 54 } 55 56 response.setHeader("Cache-Control", "no-cache", false); 57 response.setHeader("Content-Type", "application/xml", false); 58 response.write("<res>hello pass</res>\n"); 59 }