--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-allow-print-headers.php Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,10 @@
+<?php
+ header("Content-Type: text/plain");
+ header("Cache-Control: no-store");
+ header("Access-Control-Allow-Origin: *");
+
+ foreach($_SERVER as $h=>$v)
+ if(ereg('HTTP_(.+)',$h,$hp))
+ echo "$h = $v\n";
+
+?>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-denied.php Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,5 @@
+<?php
+ header("Content-Type: text/plain");
+
+ echo "FAIL: Cross-domain access allowed.";
+?>
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-basic-whitelist-request-headers.php Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,17 @@
+<?php
+ header("Cache-Control: no-store");
+
+ if ($_SERVER['REQUEST_METHOD'] == "POST") {
+ header("Access-Control-Allow-Credentials: true");
+ header("Access-Control-Allow-Origin: http://127.0.0.1:80");
+
+ header("Accept: " . $_SERVER['HTTP_ACCEPT']);
+ header("Accept-Language: " . $_SERVER['HTTP_ACCEPT_LANGUAGE']);
+ header("Content-Language: " . $_SERVER['HTTP_CONTENT_LANGUAGE']);
+ header("Content-Type: " . $_SERVER['CONTENT_TYPE']);
+
+ } else {
+ echo "\n";
+ }
+?>
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/cors/submitted/webkit/resources/access-control-sandboxed-iframe-denied-without-wildcard.php Mon May 21 18:41:14 2012 -0700
@@ -0,0 +1,8 @@
+<?php
+ header("Content-Type: text/plain");
+ header("Access-Control-Allow-Credentials: true");
+ header("Access-Control-Allow-Origin: http://127.0.0.1:80");
+
+ echo "FAIL: Sandboxed iframe XHR access allowed.";
+
+?>