--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-allow-print-headers.php	Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,10 @@
+<?php
+    header("Content-Type: text/plain");
+    header("Cache-Control: no-store");
+    header("Access-Control-Allow-Origin: *");
+
+    foreach($_SERVER as $h=>$v)
+     if(ereg('HTTP_(.+)',$h,$hp))
+       echo "$h = $v\n";
+
+?>

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-denied.php	Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,5 @@
+<?php
+    header("Content-Type: text/plain");
+
+    echo "FAIL: Cross-domain access allowed.";
+?>

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-whitelist-request-headers.php	Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,17 @@
+<?php
+    header("Cache-Control: no-store");
+
+    if ($_SERVER['REQUEST_METHOD'] == "POST") {
+    	header("Access-Control-Allow-Credentials: true");
+    	header("Access-Control-Allow-Origin: http://127.0.0.1:80");
+
+    	header("Accept: " . $_SERVER['HTTP_ACCEPT']);
+    	header("Accept-Language: " . $_SERVER['HTTP_ACCEPT_LANGUAGE']);
+    	header("Content-Language: " . $_SERVER['HTTP_CONTENT_LANGUAGE']);
+    	header("Content-Type: " . $_SERVER['CONTENT_TYPE']);
+
+    } else {
+    	echo "\n";
+    }
+?>
+

--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-sandboxed-iframe-denied-without-wildcard.php	Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,8 @@
+<?php
+    header("Content-Type: text/plain");
+    header("Access-Control-Allow-Credentials: true");
+    header("Access-Control-Allow-Origin: http://127.0.0.1:80");
+
+    echo "FAIL: Sandboxed iframe XHR access allowed.";
+
+?>