|
|
|
@ -25,13 +25,12 @@ class CORSTest(unittest.TestCase):
|
|
|
|
|
origin=origin([
|
|
|
|
|
"https://example.tld/",
|
|
|
|
|
"http://example.tld/",
|
|
|
|
|
"http://example.tld",
|
|
|
|
|
]),
|
|
|
|
|
allowed=("Foo", "Bar"), exposed=("Spam", ))
|
|
|
|
|
|
|
|
|
|
client = Client(app, Response)
|
|
|
|
|
|
|
|
|
|
rv = client.get("/", headers={"ORIGIN": "https://example.tld"})
|
|
|
|
|
rv = client.get("/", headers={"Origin": "https://example.tld"})
|
|
|
|
|
|
|
|
|
|
self.assertEqual(rv.headers["Access-Control-Allow-Origin"], "https://example.tld")
|
|
|
|
|
self.assertEqual(rv.headers["Access-Control-Allow-Credentials"], "true")
|
|
|
|
@ -39,13 +38,13 @@ class CORSTest(unittest.TestCase):
|
|
|
|
|
self.assertEqual(rv.headers["Access-Control-Allow-Headers"], "Foo, Bar")
|
|
|
|
|
self.assertEqual(rv.headers["Access-Control-Expose-Headers"], "Spam")
|
|
|
|
|
|
|
|
|
|
a = client.get("/", headers={"ORIGIN": "http://example.tld"})
|
|
|
|
|
a = client.get("/", headers={"Origin": "http://example.tld"})
|
|
|
|
|
self.assertEqual(a.headers["Access-Control-Allow-Origin"], "http://example.tld")
|
|
|
|
|
|
|
|
|
|
b = client.get("/", headers={"ORIGIN": "http://example.tld"})
|
|
|
|
|
b = client.get("/", headers={"Origin": "http://example.tld"})
|
|
|
|
|
self.assertEqual(b.headers["Access-Control-Allow-Origin"], "http://example.tld")
|
|
|
|
|
|
|
|
|
|
c = client.get("/", headers={"ORIGIN": "http://foo.other"})
|
|
|
|
|
c = client.get("/", headers={"Origin": "http://foo.other"})
|
|
|
|
|
self.assertEqual(c.headers["Access-Control-Allow-Origin"], "https://example.tld")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -55,7 +54,7 @@ class CORSTest(unittest.TestCase):
|
|
|
|
|
allowed=("Foo", ), exposed=("Bar", ))
|
|
|
|
|
client = Client(app, Response)
|
|
|
|
|
|
|
|
|
|
rv = client.open(method="OPTIONS", path="/", headers={"ORIGIN": "http://example.tld"})
|
|
|
|
|
rv = client.open(method="OPTIONS", path="/", headers={"Origin": "http://example.tld"})
|
|
|
|
|
self.assertEqual(rv.status_code, 200)
|
|
|
|
|
|
|
|
|
|
for hdr in ("Origin", "Headers", "Credentials", "Methods"):
|
|
|
|
|