File: access-control-preflight-request-must-not-contain-cookie.py

package info (click to toggle)

firefox 144.0-1

links: PTS, VCS
area: main
in suites: sid
size: 4,637,504 kB
sloc: cpp: 7,576,692; javascript: 6,430,831; ansic: 3,748,119; python: 1,398,978; xml: 628,810; asm: 438,679; java: 186,194; sh: 63,212; makefile: 19,159; objc: 13,086; perl: 12,986; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; exp: 762; php: 436; lisp: 258; awk: 247; sql: 66; sed: 53; csh: 10

file content (12 lines) | stat: -rw-r--r-- 609 bytes

parent folder | download | duplicates (26)

def main(request, response):
    if request.method == u"OPTIONS" and request.cookies.get(b"foo"):
        response.status = 400
    else:
        response.headers.set(b"Cache-Control", b"no-store")
        response.headers.set(b"Access-Control-Allow-Origin", request.headers.get(b"origin"))
        response.headers.set(b"Access-Control-Allow-Credentials", b"true")
        response.headers.set(b"Access-Control-Allow-Headers", b"X-Proprietary-Header")
        response.headers.set(b"Connection", b"close")

        if request.cookies.get(b"foo"):
            response.content = request.cookies[b"foo"].value