access-control-preflight-request-header-lowercase.py (683B)
1 def main(request, response): 2 response.headers.set(b"Cache-Control", b"no-store") 3 response.headers.set(b"Access-Control-Allow-Origin", b"*") 4 response.headers.set(b"Access-Control-Max-Age", 0) 5 6 if request.method == u"OPTIONS": 7 if b"x-test" in [header.strip(b" ") for header in 8 request.headers.get(b"Access-Control-Request-Headers").split(b",")]: 9 response.headers.set(b"Access-Control-Allow-Headers", b"X-Test") 10 else: 11 response.status = 400 12 elif request.method == u"GET": 13 if request.headers.get(b"X-Test"): 14 response.content = b"PASS" 15 else: 16 response.status = 400