xhr/resources/access-control-preflight-request-headers-origin.py - external/github.com/web-platform-tests/wpt - Git at Google

 def main(request, response):
     response.headers.set(b"Cache-Control", b"no-store")
     response.headers.set(b"Access-Control-Allow-Origin", b"*")

     if request.method == u"OPTIONS":
         if b"origin" in request.headers.get(b"Access-Control-Request-Headers").lower():
             response.status = 400
             response.content = b"Error: 'origin' included in Access-Control-Request-Headers"
         else:
             response.headers.set(b"Access-Control-Allow-Headers", b"x-pass")
     else:
         response.content = request.headers.get(b"x-pass")
	def main(request, response):
	response.headers.set(b"Cache-Control", b"no-store")
	response.headers.set(b"Access-Control-Allow-Origin", b"*")

	if request.method == u"OPTIONS":
	if b"origin" in request.headers.get(b"Access-Control-Request-Headers").lower():
	response.status = 400
	response.content = b"Error: 'origin' included in Access-Control-Request-Headers"
	else:
	response.headers.set(b"Access-Control-Allow-Headers", b"x-pass")
	else:
	response.content = request.headers.get(b"x-pass")