Bug 1554539 - Fix access-control-basic-options-not-supported.py to consistently fail if the Origin header is unexpectedly missing; r=jgraham

Differential Revision: https://phabricator.services.mozilla.com/D32653 --HG-- extra : moz-landing-system : lando
2019-05-28 14:50:11 +00:00 · 2019-05-28 14:50:11 +00:00 · eb5865bd87
--- a/testing/web-platform/meta/xhr/access-control-basic-post-with-non-cors-safelisted-content-type.htm.ini
+++ b/testing/web-platform/meta/xhr/access-control-basic-post-with-non-cors-safelisted-content-type.htm.ini
@ -0,0 +1,4 @@
+[access-control-basic-post-with-non-cors-safelisted-content-type.htm]
+  [Same-origin request with non-safelisted content type succeeds]
+    expected: FAIL
+
--- a/testing/web-platform/tests/xhr/resources/access-control-basic-options-not-supported.py
+++ b/testing/web-platform/tests/xhr/resources/access-control-basic-options-not-supported.py
@ -3,7 +3,10 @@ def main(request, response):

    # Allow simple requests, but deny preflight
    if request.method != "OPTIONS":
-        response.headers.set("Access-Control-Allow-Credentials", "true")
-        response.headers.set("Access-Control-Allow-Origin", request.headers.get("origin"))
+        if "origin" in request.headers:
+            response.headers.set("Access-Control-Allow-Credentials", "true")
+            response.headers.set("Access-Control-Allow-Origin", request.headers["origin"])
+        else:
+            response.status = 500
    else:
        response.status = 400