From 479d5e2e377e9c5daaea3359f84b563ac3ca5825 Mon Sep 17 00:00:00 2001 From: Bernhard Posselt Date: Mon, 2 Sep 2013 14:45:37 +0200 Subject: fix cors and cors unittests, fix #324 --- tests/unit/external/NewsAPITest.php | 16 +++++++++++++++- tests/unit/middleware/CORSMiddlewareTest.php | 26 ++++++++++++++++++++++---- 2 files changed, 37 insertions(+), 5 deletions(-) (limited to 'tests/unit') diff --git a/tests/unit/external/NewsAPITest.php b/tests/unit/external/NewsAPITest.php index 2bc649c1c..9a319a378 100644 --- a/tests/unit/external/NewsAPITest.php +++ b/tests/unit/external/NewsAPITest.php @@ -25,6 +25,7 @@ namespace OCA\News\External; +use \OCA\AppFramework\Http\Request; use \OCA\AppFramework\Http\JSONResponse; use \OCA\AppFramework\Utility\ControllerTestUtility; @@ -99,6 +100,8 @@ class NewsAPITest extends ControllerTestUtility { public function testCors() { + $this->request = new Request(array('server' => array())); + $this->newsAPI = new NewsAPI($this->api, $this->request, $this->updater); $response = $this->newsAPI->cors(); $headers = $response->getHeaders(); @@ -106,9 +109,20 @@ class NewsAPITest extends ControllerTestUtility { $this->assertEquals('*', $headers['Access-Control-Allow-Origin']); $this->assertEquals('PUT, POST, GET, DELETE', $headers['Access-Control-Allow-Methods']); $this->assertEquals('true', $headers['Access-Control-Allow-Credentials']); - $this->assertEquals('Authorization', $headers['Access-Control-Allow-Headers']); + $this->assertEquals('Authorization, Content-Type', $headers['Access-Control-Allow-Headers']); $this->assertEquals('1728000', $headers['Access-Control-Max-Age']); } + public function testCorsUsesOriginIfGiven() { + $this->request = new Request(array('server' => array('Origin' => 'test'))); + $this->newsAPI = new NewsAPI($this->api, $this->request, $this->updater); + $response = $this->newsAPI->cors(); + + $headers = $response->getHeaders(); + + $this->assertEquals('test', $headers['Access-Control-Allow-Origin']); + } + + } diff --git a/tests/unit/middleware/CORSMiddlewareTest.php b/tests/unit/middleware/CORSMiddlewareTest.php index bccd79f1d..59d1cc415 100644 --- a/tests/unit/middleware/CORSMiddlewareTest.php +++ b/tests/unit/middleware/CORSMiddlewareTest.php @@ -24,9 +24,9 @@ namespace OCA\News\Middleware; +use OCA\AppFramework\Http\Request; use OCA\AppFramework\Http\Response; - require_once(__DIR__ . "/../../classloader.php"); @@ -37,18 +37,22 @@ class CORSMiddlewareTest extends \PHPUnit_Framework_TestCase { * @API */ public function testSetCORSAPIHeader() { - $middleware = new CORSMiddleware(); + $request = new Request( + array('server' => array('Origin' => 'test')) + ); + $middleware = new CORSMiddleware($request); $response = $middleware->afterController('\OCA\News\Middleware\CORSMiddlewareTest', 'testSetCORSAPIHeader', new Response()); $headers = $response->getHeaders(); - $this->assertEquals('*', $headers['Access-Control-Allow-Origin']); + $this->assertEquals('test', $headers['Access-Control-Allow-Origin']); } public function testNoAPINoCORSHEADER() { - $middleware = new CORSMiddleware(); + $request = new Request(); + $middleware = new CORSMiddleware($request); $response = $middleware->afterController('\OCA\News\Middleware\CORSMiddlewareTest', 'testNoAPINoCORSHEADER', new Response()); @@ -56,4 +60,18 @@ class CORSMiddlewareTest extends \PHPUnit_Framework_TestCase { $this->assertFalse(array_key_exists('Access-Control-Allow-Origin', $headers)); } + + /** + * @API + */ + public function testNoOriginHeaderNoCORSHEADER() { + $request = new Request(); + $middleware = new CORSMiddleware($request); + $response = $middleware->afterController('\OCA\News\Middleware\CORSMiddlewareTest', + 'testNoOriginHeaderNoCORSHEADER', + new Response()); + $headers = $response->getHeaders(); + $this->assertFalse(array_key_exists('Access-Control-Allow-Origin', $headers)); + } + } -- cgit v1.2.3