sys.stdout.write('Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Allow-Credentials: true\r\n' 'Access-Control-Allow-Methods: GET\r\n' 'Access-Control-Max-Age: 1\r\n' '\r\n' "FAIL: Issued a {} request during state '{}'".format( os.environ.get('REQUEST_METHOD', '?'), state, )) sys.exit(0) query = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True) stateFile = os.path.join(tempfile.gettempdir(), query.get('test', ['state.txt'])[0]) state = get_state(stateFile) stateArg = query.get('state', [None])[0] sys.stdout.write('Content-Type: text/html\r\n') if os.environ.get('REQUEST_METHOD') == 'GET' and stateArg == 'reset': if os.path.isfile(stateFile): os.remove(stateFile) sys.stdout.write('Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n' '\r\n' 'Server state reset.\n') elif state == 'Uninitialized': if os.environ.get('REQUEST_METHOD') == 'OPTIONS': if stateArg in ['method', 'header']:
import tempfile from urllib.parse import parse_qs # This script may only be used by appcache/fail-on-update.html test, since it uses global data. file = __file__.split(':/cygwin')[-1] http_root = os.path.dirname( os.path.dirname(os.path.abspath(os.path.dirname(file)))) sys.path.insert(0, http_root) from resources.portabilityLayer import get_state, set_state command = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True).get('command', [''])[0] tmp_file = os.path.join(tempfile.gettempdir(), 'appcache_fail-on-update_state') state = get_state(tmp_file) sys.stdout.write('Expires: Thu, 01 Dec 2003 16:00:00 GMT\r\n' 'Cache-Control: no-cache, must-revalidate\r\n' 'Pragma: no-cache\r\n') if command == 'reset': if os.path.isfile(tmp_file): os.remove(tmp_file) sys.stdout.write('Content-Type: text/html\r\n\r\n') elif command == 'delete': set_state(tmp_file, 'Deleted') sys.stdout.write('Content-Type: text/html\r\n\r\n') elif state == 'Uninitialized': sys.stdout.write('Content-Type: text/cache-manifest\r\n\r\n' 'CACHE MANIFEST\n'
sys.stdout.write('Content-Type: text/html\r\n' 'Expires: Thu, 01 Dec 2003 16:00:00 GMT\r\n' 'Cache-Control: no-cache, no-store, must-revalidate\r\n' 'Pragma: no-cache\r\n' '\r\n') query = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True) stateFile = os.path.join( tempfile.gettempdir(), 'xmlhttprequest-redirect-cross-origin-tripmine_status') command = query.get('command', [None])[0] if command: if command == 'status': sys.stdout.write(get_state(stateFile, default='')) sys.exit(0) method = os.environ.get('REQUEST_METHOD') contentType = os.environ.get('CONTENT_TYPE') if method == 'OPTIONS': # Don't allow cross-site requests with preflight. sys.exit(0) # Only allow simple cross-site requests - since we did not allow preflight, this is all we should ever get. if method not in ['GET', 'HEAD', 'POST']: set_state(stateFile, 'FAIL. Non-simple method {}.'.format(method)) sys.exit(0) if content and not re.match(r'^application\/x\-www\-form\-urlencoded(;.+)?$', contentType) \
sys.stdout.write('Content-Type: text/html\r\n' 'Expires: Thu, 01 Dec 2003 16:00:00 GMT\r\n' 'Cache-Control: no-cache, no-store, must-revalidate\r\n' 'Pragma: no-cache\r\n') if not tempfile.gettempdir(): sys.stdout.write('\r\n' 'FAIL: No temp dir was returned.\n') sys.exit('0') stateFile = os.path.join(tempfile.gettempdir(), 'remember-bad-password-status') command = query.get('command', [''])[0] if command: sys.stdout.write('\n') if command == 'status': sys.stdout.write(get_state(stateFile, default='0')) elif command == 'reset': sys.stdout.write(set_state('0', stateFile)) sys.exit(0) credentials = base64.b64decode( os.environ.get('HTTP_AUTHORIZATION', ' Og==').split(' ')[1]).decode().split(':') username = credentials[0] password = '******'.join(credentials[1:]) if username and username == query.get('uid', [''])[0]: sys.stdout.write('\r\n' 'User: {}, password: {}.'.format(username, password)) else: