Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(501)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-access-control.php

Issue 2651943002: Block subresource requests whose URLs include credentials. (Closed)
Patch Set: Test. Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <?php 1 <?php
2 header('X-ServiceWorker-ServerHeader: SetInTheServer'); 2 header('X-ServiceWorker-ServerHeader: SetInTheServer');
3 3
4 $prefix = ''; 4 $prefix = '';
5 // If PreflightTest is set: 5 // If PreflightTest is set:
6 // - Use PACAOrign, PACAHeaders, PACAMethods, PACACredentials, PACEHeaders, 6 // - Use PACAOrign, PACAHeaders, PACAMethods, PACACredentials, PACEHeaders,
7 // PAuth, PAuthFail and PSetCookie* parameters in preflight. 7 // PAuth, PAuthFail and PSetCookie* parameters in preflight.
8 // - Use $_GET['PreflightTest'] as HTTP status code. 8 // - Use $_GET['PreflightTest'] as HTTP status code.
9 // - Check Access-Control-Request-Method/Headers headers with 9 // - Check Access-Control-Request-Method/Headers headers with
10 // PACRMethod/Headers parameter, if set, in preflight. 10 // PACRMethod/Headers parameter, if set, in preflight.
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after
97 fclose($fp); 97 fclose($fp);
98 } 98 }
99 $files[] = array('key' => $key, 99 $files[] = array('key' => $key,
100 'name' => $file['name'], 100 'name' => $file['name'],
101 'type' => $file['type'], 101 'type' => $file['type'],
102 'error' => $file['error'], 102 'error' => $file['error'],
103 'size' => $file['size'], 103 'size' => $file['size'],
104 'content' => $content); 104 'content' => $content);
105 } 105 }
106 106
107 if (isset($_GET['WINDOW'])) {
108 header('Content-Type: text/html');
109 echo "<!DOCTYPE html><script>window.opener.postMessage('Loaded', '*');</script >";
110 exit;
111 }
112
107 header('Content-Type: application/json'); 113 header('Content-Type: application/json');
108 $arr = array('jsonpResult' => 'success', 114 $arr = array('jsonpResult' => 'success',
109 'method' => $_SERVER['REQUEST_METHOD'], 115 'method' => $_SERVER['REQUEST_METHOD'],
110 'headers' => getallheaders(), 116 'headers' => getallheaders(),
111 'body' => file_get_contents('php://input'), 117 'body' => file_get_contents('php://input'),
112 'files' => $files, 118 'files' => $files,
113 'get' => $_GET, 119 'get' => $_GET,
114 'post' => $_POST, 120 'post' => $_POST,
115 'username' => $username, 121 'username' => $username,
116 'password' => $password, 122 'password' => $password,
117 'cookie' => $cookie); 123 'cookie' => $cookie);
118 $json = json_encode($arr); 124 $json = json_encode($arr);
119 echo "report( $json );"; 125 echo "report( $json );";
120 ?> 126 ?>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698