--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-whitelist-response-headers.php	Thu May 03 13:38:05 2012 -0700
@@ -0,0 +1,18 @@
+<?php
+
+#in whitelist
+header("content-type: text/plain");
+header("cache-control: no cache\n");
+header("content-language: en\n");
+header("expires: Fri, 30 Oct 1998 14:19:41 GMT\n");
+header("last-modified: Tue, 15 Nov 1994 12:45:26 GMT\n");
+header("pragma: no-cache\n");
+
+#not in whitelist
+header("x-webkit: foobar\n");
+
+header("Access-Control-Allow-Origin: *\n\n");
+
+echo "PASS: Cross-domain access allowed.";
+?>
+

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-sandboxed-iframe-allow.php	Thu May 03 13:38:05 2012 -0700
@@ -0,0 +1,9 @@
+<?php
+
+header("Content-Type: text/plain");
+header("Access-Control-Allow-Credentials: true");
+header("Access-Control-Allow-Origin: *\n\n");
+
+echo "PASS: Sandboxed iframe XHR access allowed.";
+?>
+

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-sandboxed-iframe-denied.php	Thu May 03 13:38:05 2012 -0700
@@ -0,0 +1,7 @@
+<?php
+
+header("Content-Type: text/plain");
+
+echo "FAIL: Sandboxed iframe XHR access allowed.";
+
+?>