OLD | NEW |
---|---|
1 <?php | 1 <?php |
2 header("Expires: Thu, 01 Dec 2003 16:00:00 GMT"); | 2 header("Expires: Thu, 01 Dec 2003 16:00:00 GMT"); |
3 header("Cache-Control: no-cache, must-revalidate"); | 3 header("Cache-Control: no-cache, must-revalidate"); |
4 header("Pragma: no-cache"); | 4 header("Pragma: no-cache"); |
5 if ($_GET["csp"]) { | 5 if ($_GET["csp"]) { |
6 $csp = $_GET["csp"]; | 6 $csp = $_GET["csp"]; |
7 // If the magic quotes option is enabled, the CSP could be escaped and | 7 // If the magic quotes option is enabled, the CSP could be escaped and |
8 // the test would fail. | 8 // the test would fail. |
9 if (get_magic_quotes_gpc()) { | 9 if (get_magic_quotes_gpc()) { |
10 $csp = stripslashes($csp); | 10 $csp = stripslashes($csp); |
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
74 } | 74 } |
75 postMessage(id === 0 ? "setTimeout blocked" : "setTimeout allowed"); | 75 postMessage(id === 0 ? "setTimeout blocked" : "setTimeout allowed"); |
76 | 76 |
77 <?php | 77 <?php |
78 } else if ($_GET["type"] == "alert-pass") { | 78 } else if ($_GET["type"] == "alert-pass") { |
79 ?> | 79 ?> |
80 | 80 |
81 alert('PASS'); | 81 alert('PASS'); |
82 | 82 |
83 <?php | 83 <?php |
84 } else if ($_GET["type"] == "report-referrer") { | |
85 ?> | |
86 | |
87 var xhr = new XMLHttpRequest; | |
Mike West
2015/05/01 14:34:29
Tiny tiny nit: It would be nice for our tests to s
estark
2015/05/01 18:19:55
Acknowledged.
| |
88 xhr.open("GET", "http://127.0.0.1:8000/security/resources/echo-referrer-header.p hp", true); | |
89 xhr.onload = function () { | |
90 postMessage(this.responseText); | |
91 }; | |
92 xhr.send(); | |
93 | |
94 <?php | |
84 } | 95 } |
85 ?> | 96 ?> |
OLD | NEW |