Mercurial > hg > webappsec / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset
Initial check-in testJam
authorpuhley
Thu, 03 May 2012 15:20:10 -0700
branchtestJam
changeset 46 4588ee8d30cf
parent 43 9a01b8703f04
child 47 125500fa827e
Initial check-in
tests/cors/submitted/webkit/resources/access-control-basic-non-get-allow.php 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-non-get-allow.php	Thu May 03 15:20:10 2012 -0700
@@ -0,0 +1,21 @@
+<?PHP
+
+if ($_SERVER['REQUEST_METHOD'] == "OPTIONS") {
+    header("Content-Type: text/plain");
+    header("Access-Control-Allow-Credentials: true");
+    header("Access-Control-Allow-Methods: PUT");
+    header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
+} elseif ($_SERVER['REQUEST_METHOD'] == "PUT") {
+    header("Content-Type: text/plain");
+    header("Access-Control-Allow-Credentials: true");
+    header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
+
+    echo "PASS: Cross-domain access allowed.\n";
+    $request_body = @file_get_contents('php://input');
+    echo $request_body ;
+} else {
+    header("Content-Type: text/plain");
+    echo "Wrong method: " . $_SERVER['REQUEST_METHOD'] . "\n";
+}
+
+?>
webappsec

Hosted by W3C Systems Team, please report bugs to sysreq@w3.org