-
-
Notifications
You must be signed in to change notification settings - Fork 67
/
21http_options_test.go
73 lines (67 loc) · 3.04 KB
/
21http_options_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
package test
import (
"fmt"
"net/http"
"testing"
"github.com/resgateio/resgate/server"
)
func TestHTTPOptions_AllowOrigin_ExpectedResponseHeaders(t *testing.T) {
tbl := []struct {
Origin string // Request's Origin header. Empty means no Origin header.
AllowOrigin string // AllowOrigin config
ExpectedHeaders map[string]string // Expected response Headers
ExpectedMissingHeaders []string // Expected response headers not to be included
}{
{"http://localhost", "*", map[string]string{"Access-Control-Allow-Origin": "*"}, []string{"Vary"}},
{"http://localhost", "http://localhost", map[string]string{"Access-Control-Allow-Origin": "http://localhost", "Vary": "Origin"}, nil},
{"https://resgate.io", "http://localhost;https://resgate.io", map[string]string{"Access-Control-Allow-Origin": "https://resgate.io", "Vary": "Origin"}, nil},
{"http://example.com", "http://localhost;https://resgate.io", map[string]string{"Access-Control-Allow-Origin": "http://localhost", "Vary": "Origin"}, nil},
// No Origin header in request
{"", "*", map[string]string{"Access-Control-Allow-Origin": "*"}, []string{"Vary"}},
{"", "http://localhost", nil, []string{"Access-Control-Allow-Origin", "Vary"}},
}
for i, l := range tbl {
l := l
runNamedTest(t, fmt.Sprintf("#%d", i+1), func(s *Session) {
hreq := s.HTTPRequest("OPTIONS", "/api/test/model", nil, func(req *http.Request) {
if l.Origin != "" {
req.Header.Set("Origin", l.Origin)
}
})
// Validate http response
hreq.GetResponse(t).
Equals(t, http.StatusOK, nil).
AssertHeaders(t, l.ExpectedHeaders).
AssertMissingHeaders(t, l.ExpectedMissingHeaders)
}, func(cfg *server.Config) {
cfg.AllowOrigin = &l.AllowOrigin
})
}
}
func TestHTTPOptions_RequestHeaders_ExpectedResponseHeaders(t *testing.T) {
tbl := []struct {
RequestHeaders []string // Request's Origin header. Empty means no Origin header.
ExpectedHeaders map[string]string // Expected response Headers
ExpectedMissingHeaders []string // Expected response headers not to be included
}{
{[]string{"Content-Type"}, map[string]string{"Access-Control-Allow-Headers": "Content-Type"}, nil},
{[]string{"X-PINGOTHER", "Content-Type"}, map[string]string{"Access-Control-Allow-Headers": "X-PINGOTHER, Content-Type"}, nil},
{[]string{"X-PINGOTHER", "Content-Type", "Authorization"}, map[string]string{"Access-Control-Allow-Headers": "X-PINGOTHER, Content-Type, Authorization"}, nil},
{nil, nil, []string{"Access-Control-Allow-Headers"}},
}
for i, l := range tbl {
l := l
runNamedTest(t, fmt.Sprintf("#%d", i+1), func(s *Session) {
hreq := s.HTTPRequest("OPTIONS", "/api/test/model", nil, func(req *http.Request) {
if len(l.RequestHeaders) > 0 {
req.Header["Access-Control-Request-Headers"] = l.RequestHeaders
}
})
// Validate http response
hreq.GetResponse(t).
Equals(t, http.StatusOK, nil).
AssertHeaders(t, l.ExpectedHeaders).
AssertMissingHeaders(t, l.ExpectedMissingHeaders)
})
}
}