/security/manager/ssl/tests/mochitest/stricttransportsecurity/verify.sjs
Unknown | 80 lines | 76 code | 4 blank | 0 comment | 0 complexity | a62152b432f57690bc235540e5576df3 MD5 | raw file
1/* ***** BEGIN LICENSE BLOCK ***** 2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 3 * 4 * The contents of this file are subject to the Mozilla Public License Version 5 * 1.1 (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * http://www.mozilla.org/MPL/ 8 * 9 * Software distributed under the License is distributed on an "AS IS" basis, 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License 11 * for the specific language governing rights and limitations under the 12 * License. 13 * 14 * The Original Code is Strict-Transport-Security. 15 * 16 * The Initial Developer of the Original Code is 17 * Mozilla Foundation. 18 * Portions created by the Initial Developer are Copyright (C) 2010 19 * the Initial Developer. All Rights Reserved. 20 * 21 * Contributor(s): 22 * Sid Stamm <sid@mozilla.com> 23 * 24 * Alternatively, the contents of this file may be used under the terms of 25 * either the GNU General Public License Version 2 or later (the "GPL"), or 26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), 27 * in which case the provisions of the GPL or the LGPL are applicable instead 28 * of those above. If you wish to allow use of your version of this file only 29 * under the terms of either the GPL or the LGPL, and not to allow others to 30 * use your version of this file under the terms of the MPL, indicate your 31 * decision by deleting the provisions above and replace them with the notice 32 * and other provisions required by the GPL or the LGPL. If you do not delete 33 * the provisions above, a recipient may use your version of this file under 34 * the terms of any one of the MPL, the GPL or the LGPL. 35 * 36 * ***** END LICENSE BLOCK ***** */ 37 38// SJS file that serves un-cacheable responses for STS tests that postMessage 39// to the parent saying whether or not they were loaded securely. 40 41function handleRequest(request, response) 42{ 43 var query = {}; 44 request.queryString.split('&').forEach(function (val) { 45 var [name, value] = val.split('='); 46 query[name] = unescape(value); 47 }); 48 49 response.setHeader("Cache-Control", "no-cache", false); 50 response.setHeader("Content-Type", "text/html", false); 51 52 if ('id' in query) { 53 var outstr = [ 54 " <!DOCTYPE html>", 55 " <html> <head> <title>subframe for STS</title>", 56 " <script type='text/javascript'>", 57 " var self = window;", 58 " window.addEventListener('load', function() {", 59 " if (document.location.protocol === 'https:') {", 60 " self.parent.postMessage('SECURE " + query['id'] + "',", 61 " 'http://mochi.test:8888');", 62 " } else {", 63 " self.parent.postMessage('INSECURE " + query['id'] + "',", 64 " 'http://mochi.test:8888');", 65 " }", 66 " }, false);", 67 " </script>", 68 " </head>", 69 " <body>", 70 " STS state verification frame loaded via", 71 " <script>", 72 " document.write(document.location.protocol);", 73 " </script>", 74 " </body>", 75 " </html>"].join("\n"); 76 response.write(outstr); 77 } else { 78 response.write("ERROR: no id provided"); 79 } 80}