diff options
| author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-28 23:09:07 +0200 |
|---|---|---|
| committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-08-28 23:09:07 +0200 |
| commit | 9e2975c629265befdd425346ed4080d200343ce4 (patch) | |
| tree | 6f7ce5e65c4fd761ca365dc765a2b8ab930c900a /tests | |
| parent | 2f67340e551b12dce8824381c3291bb2137857cb (diff) | |
add cors for API
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/unit/external/NewsAPITest.php | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/tests/unit/external/NewsAPITest.php b/tests/unit/external/NewsAPITest.php index e350f455f..dae2eb43f 100644 --- a/tests/unit/external/NewsAPITest.php +++ b/tests/unit/external/NewsAPITest.php @@ -91,4 +91,22 @@ class NewsAPITest extends ControllerTestUtility { } + public function testCorsAnnotations(){ + $annotations = array('IsAdminExemption', 'IsSubAdminExemption', + 'Ajax', 'CSRFExemption', 'IsLoggedInExemption'); + $this->assertAnnotations($this->newsAPI, 'cors', $annotations); + } + + + public function testCors() { + $response = $this->newsAPI->cors(); + + $headers = $response->getHeaders(); + + $this->assertEquals('*', $headers['Access-Control-Allow-Origin']); + $this->assertEquals('PUT, POST, GET, DELETE', $headers['Access-Control-Allow-Methods']); + $this->assertEquals('true', $headers['Access-Control-Allow-Credentials']); + } + + } |