access-control-basic-preflight-cache.py (1798B)
1 from wptserve.utils import isomorphic_encode 2 3 def main(request, response): 4 def fail(message): 5 response.content = b"FAIL " + isomorphic_encode(request.method) + b": " + message 6 response.status = 400 7 8 def getState(token): 9 server_state = request.server.stash.take(token) 10 if not server_state: 11 return b"Uninitialized" 12 return server_state 13 14 def setState(state, token): 15 request.server.stash.put(token, state) 16 17 response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"origin")) 18 response.headers.set(b"Access-Control-Allow-Credentials", b"true") 19 token = request.GET.first(b"token", None) 20 state = getState(token) 21 22 if state == b"Uninitialized": 23 if request.method == u"OPTIONS": 24 response.headers.set(b"Access-Control-Allow-Methods", b"PUT") 25 response.headers.set(b"Access-Control-Max-Age", 10) 26 setState(b"OPTIONSSent", token) 27 else: 28 fail(state) 29 elif state == b"OPTIONSSent": 30 if request.method == u"PUT": 31 response.content = b"PASS: First PUT request." 32 setState(b"FirstPUTSent", token) 33 else: 34 fail(state) 35 elif state == b"FirstPUTSent": 36 if request.method == u"PUT": 37 response.content = b"PASS: Second PUT request. Preflight worked." 38 elif request.method == u"OPTIONS": 39 response.headers.set(b"Access-Control-Allow-Methods", b"PUT") 40 setState(b"FAILSecondOPTIONSSent", token) 41 else: 42 fail(state) 43 elif state == b"FAILSecondOPTIONSSent": 44 if request.method == u"PUT": 45 fail(b"Second OPTIONS request was sent. Preflight failed.") 46 else: 47 fail(state) 48 else: 49 fail(state)