file_nosniff_navigation.sjs (1318B)
1 // Custom *.sjs file specifically for the needs of Bug 1286861 2 3 // small red image 4 const IMG = atob( 5 "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" + 6 "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==" 7 ); 8 9 // https://stackoverflow.com/questions/17279712/what-is-the-smallest-possible-valid-pdf 10 const PDF = `%PDF-1.0 11 1 0 obj<</Type/Catalog/Pages 2 0 R>>endobj 2 0 obj<</Type/Pages/Kids[3 0 R]/Count 1>>endobj 3 0 obj<</Type/Page/MediaBox[0 0 3 3]>>endobj 12 trailer<</Size 4/Root 1 0 R>>`; 13 14 function getSniffableContent(type) { 15 switch (type) { 16 case "xml": 17 return `<?xml version="1.0"?><test/>`; 18 case "html": 19 return `<!Doctype html> <html> <head></head> <body> Test test </body></html>`; 20 case "css": 21 return `*{ color: pink !important; }`; 22 case "json": 23 return `{ 'test':'yes' }`; 24 case "img": 25 return IMG; 26 case "pdf": 27 return PDF; 28 } 29 return "Basic UTF-8 Text"; 30 } 31 32 function handleRequest(request, response) { 33 let query = new URLSearchParams(request.queryString); 34 35 // avoid confusing cache behaviors (XXXX no sure what this means?) 36 response.setHeader("X-Content-Type-Options", "nosniff"); // Disable Sniffing 37 response.setHeader("Content-Type", query.get("mime")); 38 response.write(getSniffableContent(query.get("content"))); 39 }