if os.path.isfile(stateFile): os.remove(stateFile) sys.stdout.write('Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n' '\r\n' 'Server state reset.\n') elif state == 'Uninitialized': if os.environ.get('REQUEST_METHOD') == 'OPTIONS': if stateArg in ['method', 'header']: sys.stdout.write( 'Access-Control-Allow-Methods: GET\r\n' 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n') sys.stdout.write('\r\n' 'FAIL: This request should not be displayed\n') set_state(stateFile, 'Denied') else: fail(state) elif state == 'Denied': if os.environ.get('REQUEST_METHOD') == 'GET' and stateArg == 'complete': os.remove(stateFile) sys.stdout.write( 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n' '\r\n' 'PASS: Request successfully blocked.\n') else: set_state(stateFile, 'Deny Ignored') fail(state)
stateFile = os.path.join( tempfile.gettempdir(), 'xmlhttprequest-redirect-cross-origin-tripmine_status') command = query.get('command', [None])[0] if command: if command == 'status': sys.stdout.write(get_state(stateFile, default='')) sys.exit(0) method = os.environ.get('REQUEST_METHOD') contentType = os.environ.get('CONTENT_TYPE') if method == 'OPTIONS': # Don't allow cross-site requests with preflight. sys.exit(0) # Only allow simple cross-site requests - since we did not allow preflight, this is all we should ever get. if method not in ['GET', 'HEAD', 'POST']: set_state(stateFile, 'FAIL. Non-simple method {}.'.format(method)) sys.exit(0) if content and not re.match(r'^application\/x\-www\-form\-urlencoded(;.+)?$', contentType) \ and not re.match(r'^multipart\/form\-data(;.+)?$', contentType) \ and not re.match(r'^text\/plain(;.+)?$', contentType): set_state(stateFile, 'FAIL. Non-simple content type: {}.'.format(contentType)) if os.environ.get('HTTP_X_WEBKIT_TEST'): set_state(stateFile, 'FAIL. Custom header sent with a simple request.')
if os.path.isfile(stateFile): os.remove(stateFile) sys.stdout.write('Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n' '\r\n' 'Server state reset.\n') elif state == 'Uninitialized': if os.environ.get('REQUEST_METHOD') == 'OPTIONS': if stateArg in ['method', 'header']: sys.stdout.write( 'Access-Control-Allow-Methods: GET\r\n' 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n') sys.stdout.write('\r\n' 'FAIL: This request should not be displayed\n') set_state('Denied', stateFile) else: fail(state) elif state == 'Denied': if os.environ.get('REQUEST_METHOD') == 'GET' and stateArg == 'complete': os.remove(stateFile) sys.stdout.write( 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Max-Age: 1\r\n' '\r\n' 'PASS: Request successfully blocked.\n') else: set_state('Deny Ignored', stateFile) fail(state)
query = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True) stateFile = os.path.join(tempfile.gettempdir(), query.get('filename', ['state.txt'])[0]) state = get_state(stateFile) sys.stdout.write('Content-Type: text/html\r\n') if state == 'Uninitialized': if os.environ.get('REQUEST_METHOD') == 'OPTIONS': sys.stdout.write( 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Allow-Credentials: true\r\n' 'Access-Control-Allow-Methods: PUT\r\n' 'Access-Control-Allow-Headers: x-webkit-test\r\n' 'Access-Control-Max-Age: 10\r\n' '\r\n' ) set_state('OptionsSent', stateFile) else: fail() elif state == 'OptionsSent': if os.environ.get('REQUEST_METHOD') == 'PUT': sys.stdout.write( 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Allow-Credentials: true\r\n' '\r\n' 'PASS: First PUT request.' ) set_state('FirstPUTSent', stateFile) else: fail()
http_root = os.path.dirname( os.path.dirname(os.path.abspath(os.path.dirname(file)))) sys.path.insert(0, http_root) from resources.portabilityLayer import get_state, set_state command = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True).get('command', [''])[0] tmp_file = os.path.join(tempfile.gettempdir(), 'appcache_fail-on-update_state') state = get_state(tmp_file) sys.stdout.write('Expires: Thu, 01 Dec 2003 16:00:00 GMT\r\n' 'Cache-Control: no-cache, must-revalidate\r\n' 'Pragma: no-cache\r\n') if command == 'reset': if os.path.isfile(tmp_file): os.remove(tmp_file) sys.stdout.write('Content-Type: text/html\r\n\r\n') elif command == 'delete': set_state(tmp_file, 'Deleted') sys.stdout.write('Content-Type: text/html\r\n\r\n') elif state == 'Uninitialized': sys.stdout.write('Content-Type: text/cache-manifest\r\n\r\n' 'CACHE MANIFEST\n' 'NETWORK:\n' 'fail-on-update.py?command=\n') elif state == 'Deleted': sys.stdout.write('status: 404\r\n' 'Content-Type: text/html\r\n\r\n') else: sys.stdout.write('Content-Type: text/html\r\n\r\n')
query = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True) stateFile = os.path.join(tempfile.gettempdir(), query.get('filename', ['state.txt'])[0]) state = get_state(stateFile) sys.stdout.write('Content-Type: text/html\r\n') if state == 'Uninitialized': if os.environ.get('REQUEST_METHOD') == 'OPTIONS': sys.stdout.write( 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Allow-Credentials: true\r\n' 'Access-Control-Allow-Methods: PUT\r\n' 'Access-Control-Max-Age: 10\r\n' '\r\n') set_state(stateFile, 'OptionsSent') else: fail() elif state == 'OptionsSent': if os.environ.get('REQUEST_METHOD') == 'PUT': sys.stdout.write( 'Access-Control-Allow-Origin: http://127.0.0.1:8000\r\n' 'Access-Control-Allow-Credentials: true\r\n' '\r\n' 'PASS: First PUT request.') set_state(stateFile, 'FirstPUTSent') else: fail() elif state == 'FirstPUTSent':
http_root = os.path.dirname( os.path.dirname(os.path.abspath(os.path.dirname(file)))) sys.path.insert(0, http_root) from resources.portabilityLayer import get_state, set_state command = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True).get('command', [''])[0] tmp_file = os.path.join(tempfile.gettempdir(), 'appcache_remove-cache_state') state = get_state(tmp_file) sys.stdout.write('Expires: Thu, 01 Dec 2003 16:00:00 GMT\r\n' 'Cache-Control: no-cache, must-revalidate\r\n' 'Pragma: no-cache\r\n') if command == 'reset': if os.path.isfile(tmp_file): os.remove(tmp_file) sys.stdout.write('Content-Type: text/html\r\n\r\n') elif command == 'delete': set_state('Deleted', tmp_file) sys.stdout.write('Content-Type: text/html\r\n\r\n') elif state == 'Uninitialized': sys.stdout.write('Content-Type: text/cache-manifest\r\n\r\n' 'CACHE MANIFEST\n' 'NETWORK:\n' 'remove-cache.py?command=\n"') elif state == 'Deleted': sys.stdout.write('status: 404\r\n' 'Content-Type: text/html\r\n\r\n') else: sys.stodut.write('Content-Type: text/html\r\n\r\n')
import tempfile file = __file__.split(':/cygwin')[-1] http_root = os.path.dirname( os.path.dirname(os.path.abspath(os.path.dirname(file)))) sys.path.insert(0, http_root) from resources.portabilityLayer import set_state, get_state from urllib.parse import parse_qs sys.stdout.write('Content-Type: text/html\r\n' 'Access-Control-Allow-Origin: *\r\n' 'Access-Control-Allow-Headers: X-Custom-Header\r\n' 'Access-Control-Max-Age: 0\r\n' '\r\n') query = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True) stateFile = os.path.join(tempfile.gettempdir(), query.get('filename', ['state.txt'])[0]) if os.environ.get('REQUEST_METHOD') == 'OPTIONS': if os.environ.get('HTTP_X_CUSTOM_HEADER'): set_state('FAIL', stateFile) else: set_state('PASS', stateFile) else: if os.environ.get('HTTP_X_CUSTOM_HEADER'): sys.stdout.write(get_state(stateFile, default='FAIL')) else: sys.stdout.write('FAIL - no header in actual request')
'Cache-Control: no-cache, no-store, must-revalidate\r\n' 'Pragma: no-cache\r\n') if not tempfile.gettempdir(): sys.stdout.write('\r\n' 'FAIL: No temp dir was returned.\n') sys.exit('0') stateFile = os.path.join(tempfile.gettempdir(), 'remember-bad-password-status') command = query.get('command', [''])[0] if command: sys.stdout.write('\n') if command == 'status': sys.stdout.write(get_state(stateFile, default='0')) elif command == 'reset': sys.stdout.write(set_state('0', stateFile)) sys.exit(0) credentials = base64.b64decode( os.environ.get('HTTP_AUTHORIZATION', ' Og==').split(' ')[1]).decode().split(':') username = credentials[0] password = '******'.join(credentials[1:]) if username and username == query.get('uid', [''])[0]: sys.stdout.write('\r\n' 'User: {}, password: {}.'.format(username, password)) else: sys.stdout.write('WWW-Authenticate: Basic realm="WebKit Test Realm"\r\n' 'status: 401\r\n'
import tempfile file = __file__.split(':/cygwin')[-1] http_root = os.path.dirname(os.path.dirname(os.path.abspath(os.path.dirname(file)))) sys.path.insert(0, http_root) from resources.portabilityLayer import set_state, get_state from urllib.parse import parse_qs sys.stdout.write( 'Content-Type: text/html\r\n' 'Access-Control-Allow-Origin: *\r\n' 'Access-Control-Allow-Headers: X-Custom-Header\r\n' 'Access-Control-Max-Age: 0\r\n' '\r\n' ) query = parse_qs(os.environ.get('QUERY_STRING', ''), keep_blank_values=True) stateFile = os.path.join(tempfile.gettempdir(), query.get('filename', ['state.txt'])[0]) if os.environ.get('REQUEST_METHOD') == 'OPTIONS': if os.environ.get('HTTP_X_CUSTOM_HEADER'): set_state(stateFile, 'FAIL') else: set_state(stateFile, 'PASS') else: if os.environ.get('HTTP_X_CUSTOM_HEADER'): sys.stdout.write(get_state(stateFile, default='FAIL')) else: sys.stdout.write('FAIL - no header in actual request')