def main(request, response): | |
response.headers.set('Cache-Control', 'no-store') | |
response.headers.set('Access-Control-Allow-Origin', | |
request.headers.get('origin')) | |
headers = 'x-custom-s,x-custom-test,x-custom-u,x-custom-ua,x-custom-v' | |
if request.method == 'OPTIONS': | |
response.headers.set('Access-Control-Max-Age', '0') | |
response.headers.set('Access-Control-Allow-Headers', headers) | |
# Access-Control-Request-Headers should be sorted. | |
if headers != request.headers.get('Access-Control-Request-Headers'): | |
response.status = 400 | |
else: | |
if request.headers.get('x-custom-s'): | |
response.content = 'PASS' | |
else: | |
response.status = 400 | |
response.content = 'FAIL' |