From 9e1854250ee2f1b93e4d0cb57cdd3e67b53d8859 Mon Sep 17 00:00:00 2001 From: fengmk2 Date: Thu, 25 Apr 2024 23:26:01 +0800 Subject: [PATCH] fix: let framework known app has custom origin handler or not (#28) auto set config.cors.hasCustomOriginHandler pick from https://github.com/eggjs/egg-cors/pull/28 --- .github/PULL_REQUEST_TEMPLATE.md | 24 ------------------- app.js | 1 + config/config.default.js | 2 -- test/cors.default-config.test.js | 7 ++++++ test/cors.origin-function.test.js | 7 ++++++ .../apps/cors-default-config/app/router.js | 6 +++++ .../apps/cors.origin-function/app/router.js | 6 +++++ 7 files changed, 27 insertions(+), 26 deletions(-) delete mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index 48f9944..0000000 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,24 +0,0 @@ - - -##### Checklist - - -- [ ] `npm test` passes -- [ ] tests and/or benchmarks are included -- [ ] documentation is changed or added -- [ ] commit message follows commit guidelines - -##### Affected core subsystem(s) - - - -##### Description of change - diff --git a/app.js b/app.js index 6224f41..5a6b2a3 100644 --- a/app.js +++ b/app.js @@ -6,6 +6,7 @@ module.exports = app => { app.config.coreMiddlewares.unshift('cors'); // if security plugin enabled, and origin config is not provided, will only allow safe domains support CORS. + app.config.cors.hasCustomOriginHandler = !!app.config.cors.origin; app.config.cors.origin = app.config.cors.origin || function corsOrigin(ctx) { // origin is {protocol}{hostname}{port}... const origin = ctx.get('origin'); diff --git a/config/config.default.js b/config/config.default.js index edcd7ab..5bea16a 100644 --- a/config/config.default.js +++ b/config/config.default.js @@ -1,5 +1,3 @@ -'use strict'; - /** * cors default config * @member Config#cors diff --git a/test/cors.default-config.test.js b/test/cors.default-config.test.js index 1963c56..3ad031a 100644 --- a/test/cors.default-config.test.js +++ b/test/cors.default-config.test.js @@ -24,6 +24,13 @@ describe('test/cors.default-config.test.js', () => { .expect(200); }); + it('should hasCustomOriginHandler set to false', () => { + return app.httpRequest() + .get('/config') + .expect({ hasCustomOriginHandler: false }) + .expect(200); + }); + it('should not set `Access-Control-Allow-Origin` to request origin header', () => { app.httpRequest() .get('/') diff --git a/test/cors.origin-function.test.js b/test/cors.origin-function.test.js index 6b56fda..6224151 100644 --- a/test/cors.origin-function.test.js +++ b/test/cors.origin-function.test.js @@ -24,6 +24,13 @@ describe('test/cors.origin-function.test.js', () => { .expect(200); }); + it('should hasCustomOriginHandler set to true', () => { + return app.httpRequest() + .get('/config') + .expect({ hasCustomOriginHandler: true }) + .expect(200); + }); + it('should set `Access-Control-Allow-Origin` to request origin header', () => { return app.httpRequest() .get('/') diff --git a/test/fixtures/apps/cors-default-config/app/router.js b/test/fixtures/apps/cors-default-config/app/router.js index c1b4a01..3b00837 100644 --- a/test/fixtures/apps/cors-default-config/app/router.js +++ b/test/fixtures/apps/cors-default-config/app/router.js @@ -7,6 +7,12 @@ module.exports = app => { }; }); + app.get('/config', async ctx => { + ctx.body = { + hasCustomOriginHandler: ctx.app.config.cors.hasCustomOriginHandler, + }; + }); + app.post('/', async ctx => { ctx.body = { foo: 'bar', diff --git a/test/fixtures/apps/cors.origin-function/app/router.js b/test/fixtures/apps/cors.origin-function/app/router.js index c1b4a01..3b00837 100644 --- a/test/fixtures/apps/cors.origin-function/app/router.js +++ b/test/fixtures/apps/cors.origin-function/app/router.js @@ -7,6 +7,12 @@ module.exports = app => { }; }); + app.get('/config', async ctx => { + ctx.body = { + hasCustomOriginHandler: ctx.app.config.cors.hasCustomOriginHandler, + }; + }); + app.post('/', async ctx => { ctx.body = { foo: 'bar',