rack-cors 0.2.9 → 1.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. checksums.yaml +5 -13
  2. data/.travis.yml +8 -0
  3. data/CHANGELOG.md +73 -0
  4. data/Gemfile +2 -0
  5. data/README.md +139 -0
  6. data/lib/rack/cors.rb +285 -74
  7. data/lib/rack/cors/version.rb +1 -1
  8. data/rack-cors.gemspec +8 -7
  9. data/test/cors/test.cors.coffee +26 -2
  10. data/test/cors/test.cors.js +45 -4
  11. data/test/unit/cors_test.rb +422 -95
  12. data/test/unit/dsl_test.rb +28 -17
  13. data/test/unit/insecure.ru +8 -0
  14. data/test/unit/non_http.ru +8 -0
  15. data/test/unit/test.ru +20 -5
  16. metadata +56 -32
  17. data/README.rdoc +0 -66
data/test/unit/dsl_test.rb CHANGED
@@ -1,11 +1,10 @@
1
1
  require 'rubygems'
2
- require 'test/unit'
2
+ require 'minitest/autorun'
3
3
  require 'rack/cors'
4
- require 'shoulda'
5
4
 
6
5
 
7
- class DSLTest < Test::Unit::TestCase
8
- should 'support explicit config object dsl mode' do
6
+ describe Rack::Cors, 'DSL' do
7
+ it 'should support explicit config object dsl mode' do
9
8
  cors = Rack::Cors.new(Proc.new {}) do |cfg|
10
9
  cfg.allow do |allow|
11
10
  allow.origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
@@ -17,15 +16,15 @@ class DSLTest < Test::Unit::TestCase
17
16
  end
18
17
  end
19
18
  resources = cors.send :all_resources
20
- assert_equal 1, resources.length
21
- assert resources.first.allow_origin?('http://localhost:3000')
22
19
 
23
- assert resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" })
24
- assert !resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" })
25
- assert !resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"})
20
+ resources.length.must_equal 1
21
+ resources.first.allow_origin?('http://localhost:3000').must_equal true
22
+ resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
23
+ resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
24
+ resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
26
25
  end
27
26
 
28
- should 'support implicit config object dsl mode' do
27
+ it 'should support implicit config object dsl mode' do
29
28
  cors = Rack::Cors.new(Proc.new {}) do
30
29
  allow do
31
30
  origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
@@ -37,15 +36,15 @@ class DSLTest < Test::Unit::TestCase
37
36
  end
38
37
  end
39
38
  resources = cors.send :all_resources
40
- assert_equal 1, resources.length
41
- assert resources.first.allow_origin?('http://localhost:3000')
42
39
 
43
- assert resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" })
44
- assert !resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" })
45
- assert !resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"})
40
+ resources.length.must_equal 1
41
+ resources.first.allow_origin?('http://localhost:3000').must_equal true
42
+ resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
43
+ resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
44
+ resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
46
45
  end
47
46
 
48
- should 'support "file://" origin' do
47
+ it 'should support "file://" origin' do
49
48
  cors = Rack::Cors.new(Proc.new {}) do
50
49
  allow do
51
50
  origins 'file://'
@@ -53,6 +52,18 @@ class DSLTest < Test::Unit::TestCase
53
52
  end
54
53
  end
55
54
  resources = cors.send :all_resources
56
- assert resources.first.allow_origin?('file://')
55
+
56
+ resources.first.allow_origin?('file://').must_equal true
57
+ end
58
+
59
+ it 'should default credentials option to false' do
60
+ cors = Rack::Cors.new(Proc.new {}) do
61
+ allow do
62
+ origins 'example.net'
63
+ resource '/', :headers => :any
64
+ end
65
+ end
66
+ resources = cors.send :all_resources
67
+ resources.first.resources.first.credentials.must_equal false
57
68
  end
58
69
  end
data/test/unit/insecure.ru ADDED
@@ -0,0 +1,8 @@
1
+ require 'rack/cors'
2
+
3
+ use Rack::Cors do
4
+ allow do
5
+ origins '*'
6
+ resource '/public', credentials: true
7
+ end
8
+ end
data/test/unit/non_http.ru ADDED
@@ -0,0 +1,8 @@
1
+ require 'rack/cors'
2
+
3
+ use Rack::Cors do
4
+ allow do
5
+ origins 'com.company.app'
6
+ resource '/public'
7
+ end
8
+ end
data/test/unit/test.ru CHANGED
@@ -1,17 +1,25 @@
1
1
  require 'rack/cors'
2
2
 
3
3
  #use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
4
+ use Rack::Lint
4
5
  use Rack::Cors do
5
6
  allow do
6
- origins 'localhost:3000', '127.0.0.1:3000', /http:\/\/192\.168\.0\.\d{1,3}(:\d+)?/, 'file://'
7
+ origins 'localhost:3000',
8
+ '127.0.0.1:3000',
9
+ /http:\/\/192\.168\.0\.\d{1,3}(:\d+)?/,
10
+ 'file://',
11
+ /http:\/\/(.*?)\.example\.com/
7
12
 
8
13
  resource '/get-only', :methods => :get
9
- resource '/', :headers => :any
14
+ resource '/', :headers => :any, :methods => :any
10
15
  resource '/options', :methods => :options
11
16
  resource '/single_header', :headers => 'x-domain-token'
12
17
  resource '/two_headers', :headers => %w{x-domain-token x-requested-with}
13
18
  resource '/expose_single_header', :expose => 'expose-test'
14
19
  resource '/expose_multiple_headers', :expose => %w{expose-test-1 expose-test-2}
20
+ resource '/conditional', :methods => :get, :if => proc { |env| !!env['HTTP_X_OK'] }
21
+ resource '/vary_test', :methods => :get, :vary => %w{ Origin Host }
22
+ resource '/patch_test', :methods => :patch
15
23
  # resource '/file/at/*',
16
24
  # :methods => [:get, :post, :put, :delete],
17
25
  # :headers => :any,
@@ -25,9 +33,15 @@ use Rack::Cors do
25
33
  resource '/proc-origin'
26
34
  end
27
35
 
36
+ allow do
37
+ origins -> (source, env) { source.end_with?("10.10.10.10:3000") }
38
+ resource '/lambda-origin'
39
+ end
40
+
28
41
  allow do
29
42
  origins '*'
30
43
  resource '/public'
44
+ resource '/public/*'
31
45
  resource '/public_without_credentials', :credentials => false
32
46
  end
33
47
 
@@ -40,8 +54,9 @@ use Rack::Cors do
40
54
  origins '*'
41
55
  resource '/multi-allow-config', :max_age => 300, :credentials => false
42
56
  end
43
- end
44
57
 
45
- map '/' do
46
- run Proc.new { |env| [200, {'Content-Type' => 'text/html'}, ['success']] }
58
+ allow do
59
+ origins ''
60
+ resource '/blank-origin'
61
+ end
47
62
  end
metadata CHANGED
@@ -1,97 +1,118 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cors
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.9
4
+ version: 1.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Calvin Yu
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2013-11-12 00:00:00.000000000 Z
11
+ date: 2019-11-14 00:00:00.000000000 Z
12
12
  dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rack
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: 1.6.0
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: 1.6.0
13
27
  - !ruby/object:Gem::Dependency
14
28
  name: bundler
15
29
  requirement: !ruby/object:Gem::Requirement
16
30
  requirements:
17
- - - ~>
31
+ - - ">="
18
32
  - !ruby/object:Gem::Version
19
- version: '1.3'
33
+ version: 1.16.0
34
+ - - "<"
35
+ - !ruby/object:Gem::Version
36
+ version: '3'
20
37
  type: :development
21
38
  prerelease: false
22
39
  version_requirements: !ruby/object:Gem::Requirement
23
40
  requirements:
24
- - - ~>
41
+ - - ">="
42
+ - !ruby/object:Gem::Version
43
+ version: 1.16.0
44
+ - - "<"
25
45
  - !ruby/object:Gem::Version
26
- version: '1.3'
46
+ version: '3'
27
47
  - !ruby/object:Gem::Dependency
28
48
  name: rake
29
49
  requirement: !ruby/object:Gem::Requirement
30
50
  requirements:
31
- - - ! '>='
51
+ - - "~>"
32
52
  - !ruby/object:Gem::Version
33
- version: '0'
53
+ version: 12.3.0
34
54
  type: :development
35
55
  prerelease: false
36
56
  version_requirements: !ruby/object:Gem::Requirement
37
57
  requirements:
38
- - - ! '>='
58
+ - - "~>"
39
59
  - !ruby/object:Gem::Version
40
- version: '0'
60
+ version: 12.3.0
41
61
  - !ruby/object:Gem::Dependency
42
- name: shoulda
62
+ name: minitest
43
63
  requirement: !ruby/object:Gem::Requirement
44
64
  requirements:
45
- - - ! '>='
65
+ - - "~>"
46
66
  - !ruby/object:Gem::Version
47
- version: '0'
67
+ version: 5.11.0
48
68
  type: :development
49
69
  prerelease: false
50
70
  version_requirements: !ruby/object:Gem::Requirement
51
71
  requirements:
52
- - - ! '>='
72
+ - - "~>"
53
73
  - !ruby/object:Gem::Version
54
- version: '0'
74
+ version: 5.11.0
55
75
  - !ruby/object:Gem::Dependency
56
76
  name: mocha
57
77
  requirement: !ruby/object:Gem::Requirement
58
78
  requirements:
59
- - - ! '>='
79
+ - - "~>"
60
80
  - !ruby/object:Gem::Version
61
- version: 0.14.0
81
+ version: 1.6.0
62
82
  type: :development
63
83
  prerelease: false
64
84
  version_requirements: !ruby/object:Gem::Requirement
65
85
  requirements:
66
- - - ! '>='
86
+ - - "~>"
67
87
  - !ruby/object:Gem::Version
68
- version: 0.14.0
88
+ version: 1.6.0
69
89
  - !ruby/object:Gem::Dependency
70
90
  name: rack-test
71
91
  requirement: !ruby/object:Gem::Requirement
72
92
  requirements:
73
- - - ! '>='
93
+ - - "~>"
74
94
  - !ruby/object:Gem::Version
75
- version: '0'
95
+ version: 1.1.0
76
96
  type: :development
77
97
  prerelease: false
78
98
  version_requirements: !ruby/object:Gem::Requirement
79
99
  requirements:
80
- - - ! '>='
100
+ - - "~>"
81
101
  - !ruby/object:Gem::Version
82
- version: '0'
83
- description: ! 'Middleware that will make Rack-based apps CORS compatible. Read more
84
- here: http://blog.sourcebender.com/2010/06/09/introducin-rack-cors.html. Fork the
85
- project here: http://github.com/cyu/rack-cors'
102
+ version: 1.1.0
103
+ description: 'Middleware that will make Rack-based apps CORS compatible. Fork the
104
+ project here: https://github.com/cyu/rack-cors'
86
105
  email:
87
106
  - me@sourcebender.com
88
107
  executables: []
89
108
  extensions: []
90
109
  extra_rdoc_files: []
91
110
  files:
111
+ - ".travis.yml"
112
+ - CHANGELOG.md
92
113
  - Gemfile
93
114
  - LICENSE.txt
94
- - README.rdoc
115
+ - README.md
95
116
  - Rakefile
96
117
  - lib/rack/cors.rb
97
118
  - lib/rack/cors/version.rb
@@ -104,8 +125,10 @@ files:
104
125
  - test/cors/test.cors.js
105
126
  - test/unit/cors_test.rb
106
127
  - test/unit/dsl_test.rb
128
+ - test/unit/insecure.ru
129
+ - test/unit/non_http.ru
107
130
  - test/unit/test.ru
108
- homepage: http://github.com/cyu/rack-cors
131
+ homepage: https://github.com/cyu/rack-cors
109
132
  licenses:
110
133
  - MIT
111
134
  metadata: {}
@@ -115,17 +138,16 @@ require_paths:
115
138
  - lib
116
139
  required_ruby_version: !ruby/object:Gem::Requirement
117
140
  requirements:
118
- - - ! '>='
141
+ - - ">="
119
142
  - !ruby/object:Gem::Version
120
143
  version: '0'
121
144
  required_rubygems_version: !ruby/object:Gem::Requirement
122
145
  requirements:
123
- - - ! '>='
146
+ - - ">="
124
147
  - !ruby/object:Gem::Version
125
148
  version: '0'
126
149
  requirements: []
127
- rubyforge_project:
128
- rubygems_version: 2.1.9
150
+ rubygems_version: 3.0.6
129
151
  signing_key:
130
152
  specification_version: 4
131
153
  summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps
@@ -138,4 +160,6 @@ test_files:
138
160
  - test/cors/test.cors.js
139
161
  - test/unit/cors_test.rb
140
162
  - test/unit/dsl_test.rb
163
+ - test/unit/insecure.ru
164
+ - test/unit/non_http.ru
141
165
  - test/unit/test.ru
data/README.rdoc DELETED
@@ -1,66 +0,0 @@
1
- = Rack CORS Middleware
2
-
3
- Rack::Cors provides support for Cross-Origin Resource Sharing (CORS) for Rack compatible web applications. The CORS spec allows web applications to make cross domain AJAX calls without
4
- using workarounds such as JSONP. For a thorough write up on CORS, see this blog post:
5
-
6
- http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/
7
-
8
- Or for all the gory details, you can read the spec here:
9
-
10
- http://www.w3.org/TR/access-control/#simple-cross-origin-request-and-actual-r
11
-
12
-
13
- Install the gem:
14
-
15
- gem install rack-cors
16
-
17
- In your Gemfile:
18
-
19
- gem 'rack-cors', :require => 'rack/cors'
20
-
21
-
22
- == Configuration
23
-
24
- You configure Rack::Cors by passing a block to the <tt>use</tt> command:
25
-
26
- use Rack::Cors do
27
- allow do
28
- origins 'localhost:3000', '127.0.0.1:3000',
29
- /http:\/\/192\.168\.0\.\d{1,3}(:\d+)?/
30
- # regular expressions can be used here
31
-
32
- resource '/file/list_all/', :headers => 'x-domain-token'
33
- resource '/file/at/*',
34
- :methods => [:get, :post, :put, :delete, :options],
35
- :headers => 'x-domain-token',
36
- :expose => ['Some-Custom-Response-Header'],
37
- :max_age => 600
38
- # headers to expose
39
- end
40
-
41
- allow do
42
- origins '*'
43
- resource '/public/*', :headers => :any, :methods => :get
44
- end
45
- end
46
-
47
- Put your code in "config/application.rb" on your rails application. For example, this will allow
48
- from any origins on any resource of your application, methods :get, :post and :options.
49
-
50
- module YourApp
51
- class Application < Rails::Application
52
-
53
- # ...
54
-
55
- config.middleware.use Rack::Cors do
56
- allow do
57
- origins '*'
58
- resource '*', :headers => :any, :methods => [:get, :post, :options]
59
- end
60
- end
61
-
62
- end
63
- end
64
-
65
- See http://guides.rubyonrails.org/rails_on_rack.html for more details on rack middlewares or
66
- http://railscasts.com/episodes/151-rack-middleware.