rack-cors 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. checksums.yaml +5 -5
  2. data/.rubocop.yml +31 -0
  3. data/.travis.yml +10 -3
  4. data/{CHANGELOG → CHANGELOG.md} +39 -0
  5. data/Gemfile +3 -1
  6. data/README.md +67 -42
  7. data/Rakefile +5 -4
  8. data/lib/rack/cors/resource.rb +132 -0
  9. data/lib/rack/cors/resources/cors_misconfiguration_error.rb +14 -0
  10. data/lib/rack/cors/resources.rb +62 -0
  11. data/lib/rack/cors/result.rb +63 -0
  12. data/lib/rack/cors/version.rb +3 -1
  13. data/lib/rack/cors.rb +110 -345
  14. data/rack-cors.gemspec +20 -16
  15. data/test/.rubocop.yml +8 -0
  16. data/test/cors/test.cors.coffee +9 -2
  17. data/test/cors/test.cors.js +22 -10
  18. data/test/unit/cors_test.rb +209 -151
  19. data/test/unit/dsl_test.rb +30 -29
  20. data/test/unit/insecure.ru +2 -0
  21. data/test/unit/non_http.ru +2 -0
  22. data/test/unit/test.ru +25 -19
  23. metadata +81 -28
data/test/unit/dsl_test.rb CHANGED
@@ -1,69 +1,70 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rubygems'
2
4
  require 'minitest/autorun'
3
5
  require 'rack/cors'
4
6
 
5
-
6
7
  describe Rack::Cors, 'DSL' do
7
8
  it 'should support explicit config object dsl mode' do
8
- cors = Rack::Cors.new(Proc.new {}) do |cfg|
9
+ cors = Rack::Cors.new(proc {}) do |cfg|
9
10
  cfg.allow do |allow|
10
- allow.origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
11
- source == "http://10.10.10.10:3000" &&
12
- env["USER_AGENT"] == "test-agent"
11
+ allow.origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
12
+ source == 'http://10.10.10.10:3000' &&
13
+ env['USER_AGENT'] == 'test-agent'
13
14
  end
14
- allow.resource '/get-only', :methods => :get
15
- allow.resource '/', :headers => :any
15
+ allow.resource '/get-only', methods: :get
16
+ allow.resource '/', headers: :any
16
17
  end
17
18
  end
18
19
  resources = cors.send :all_resources
19
20
 
20
- resources.length.must_equal 1
21
- resources.first.allow_origin?('http://localhost:3000').must_equal true
22
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
23
- resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
24
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
21
+ _(resources.length).must_equal 1
22
+ _(resources.first.allow_origin?('http://localhost:3000')).must_equal true
23
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
24
+ _(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
25
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
25
26
  end
26
27
 
27
28
  it 'should support implicit config object dsl mode' do
28
- cors = Rack::Cors.new(Proc.new {}) do
29
+ cors = Rack::Cors.new(proc {}) do
29
30
  allow do
30
- origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
31
- source == "http://10.10.10.10:3000" &&
32
- env["USER_AGENT"] == "test-agent"
31
+ origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
32
+ source == 'http://10.10.10.10:3000' &&
33
+ env['USER_AGENT'] == 'test-agent'
33
34
  end
34
- resource '/get-only', :methods => :get
35
- resource '/', :headers => :any
35
+ resource '/get-only', methods: :get
36
+ resource '/', headers: :any
36
37
  end
37
38
  end
38
39
  resources = cors.send :all_resources
39
40
 
40
- resources.length.must_equal 1
41
- resources.first.allow_origin?('http://localhost:3000').must_equal true
42
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
43
- resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
44
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
41
+ _(resources.length).must_equal 1
42
+ _(resources.first.allow_origin?('http://localhost:3000')).must_equal true
43
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
44
+ _(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
45
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
45
46
  end
46
47
 
47
48
  it 'should support "file://" origin' do
48
- cors = Rack::Cors.new(Proc.new {}) do
49
+ cors = Rack::Cors.new(proc {}) do
49
50
  allow do
50
51
  origins 'file://'
51
- resource '/', :headers => :any
52
+ resource '/', headers: :any
52
53
  end
53
54
  end
54
55
  resources = cors.send :all_resources
55
56
 
56
- resources.first.allow_origin?('file://').must_equal true
57
+ _(resources.first.allow_origin?('file://')).must_equal true
57
58
  end
58
59
 
59
60
  it 'should default credentials option to false' do
60
- cors = Rack::Cors.new(Proc.new {}) do
61
+ cors = Rack::Cors.new(proc {}) do
61
62
  allow do
62
63
  origins 'example.net'
63
- resource '/', :headers => :any
64
+ resource '/', headers: :any
64
65
  end
65
66
  end
66
67
  resources = cors.send :all_resources
67
- resources.first.resources.first.credentials.must_equal false
68
+ _(resources.first.resources.first.credentials).must_equal false
68
69
  end
69
70
  end
data/test/unit/insecure.ru CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
5
  use Rack::Cors do
data/test/unit/non_http.ru CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
5
  use Rack::Cors do
data/test/unit/test.ru CHANGED
@@ -1,24 +1,29 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
- #use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
5
+ # use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
4
6
  use Rack::Lint
5
7
  use Rack::Cors do
6
8
  allow do
7
9
  origins 'localhost:3000',
8
10
  '127.0.0.1:3000',
9
- /http:\/\/192\.168\.0\.\d{1,3}(:\d+)?/,
11
+ %r{http://192\.168\.0\.\d{1,3}(:\d+)?},
10
12
  'file://',
11
- /http:\/\/(.*?)\.example\.com/
12
-
13
- resource '/get-only', :methods => :get
14
- resource '/', :headers => :any, :methods => :any
15
- resource '/options', :methods => :options
16
- resource '/single_header', :headers => 'x-domain-token'
17
- resource '/two_headers', :headers => %w{x-domain-token x-requested-with}
18
- resource '/expose_single_header', :expose => 'expose-test'
19
- resource '/expose_multiple_headers', :expose => %w{expose-test-1 expose-test-2}
20
- resource '/conditional', :methods => :get, :if => proc { |env| !!env['HTTP_X_OK'] }
21
- resource '/vary_test', :methods => :get, :vary => %w{ Origin Host }
13
+ %r{http://(.*?)\.example\.com},
14
+ 'custom-protocol://abcdefg'
15
+
16
+ resource '/get-only', methods: :get
17
+ resource '/', headers: :any, methods: :any
18
+ resource '/options', methods: :options
19
+ resource '/single_header', headers: 'x-domain-token'
20
+ resource '/two_headers', headers: %w[x-domain-token x-requested-with]
21
+ resource '/expose_single_header', expose: 'expose-test'
22
+ resource '/expose_multiple_headers', expose: %w[expose-test-1 expose-test-2]
23
+ resource '/conditional', methods: :get, if: proc { |env| !!env['HTTP_X_OK'] }
24
+ resource '/vary_test', methods: :get, vary: %w[Origin Host]
25
+ resource '/patch_test', methods: :patch
26
+ resource '/wildcard/*', methods: :any
22
27
  # resource '/file/at/*',
23
28
  # :methods => [:get, :post, :put, :delete],
24
29
  # :headers => :any,
@@ -26,31 +31,32 @@ use Rack::Cors do
26
31
  end
27
32
 
28
33
  allow do
29
- origins do |source,env|
30
- source.end_with?("10.10.10.10:3000")
34
+ origins do |source, _env|
35
+ source.end_with?('10.10.10.10:3000')
31
36
  end
32
37
  resource '/proc-origin'
33
38
  end
34
39
 
35
40
  allow do
36
- origins -> (source, env) { source.end_with?("10.10.10.10:3000") }
41
+ origins ->(source, _env) { source.end_with?('10.10.10.10:3000') }
37
42
  resource '/lambda-origin'
38
43
  end
39
44
 
40
45
  allow do
41
46
  origins '*'
42
47
  resource '/public'
43
- resource '/public_without_credentials', :credentials => false
48
+ resource '/public/*'
49
+ resource '/public_without_credentials', credentials: false
44
50
  end
45
51
 
46
52
  allow do
47
53
  origins 'mucho-grande.com'
48
- resource '/multi-allow-config', :max_age => 600
54
+ resource '/multi-allow-config', max_age: 600
49
55
  end
50
56
 
51
57
  allow do
52
58
  origins '*'
53
- resource '/multi-allow-config', :max_age => 300, :credentials => false
59
+ resource '/multi-allow-config', max_age: 300, credentials: false
54
60
  end
55
61
 
56
62
  allow do
metadata CHANGED
@@ -1,87 +1,134 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cors
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.2
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Calvin Yu
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-22 00:00:00.000000000 Z
11
+ date: 2023-02-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: bundler
14
+ name: rack
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - "~>"
17
+ - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '1.3'
20
- type: :development
19
+ version: 2.0.0
20
+ type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - "~>"
24
+ - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: '1.3'
26
+ version: 2.0.0
27
27
  - !ruby/object:Gem::Dependency
28
- name: rake
28
+ name: bundler
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - ">="
32
32
  - !ruby/object:Gem::Version
33
- version: '0'
33
+ version: 1.16.0
34
+ - - "<"
35
+ - !ruby/object:Gem::Version
36
+ version: '3'
34
37
  type: :development
35
38
  prerelease: false
36
39
  version_requirements: !ruby/object:Gem::Requirement
37
40
  requirements:
38
41
  - - ">="
39
42
  - !ruby/object:Gem::Version
40
- version: '0'
43
+ version: 1.16.0
44
+ - - "<"
45
+ - !ruby/object:Gem::Version
46
+ version: '3'
41
47
  - !ruby/object:Gem::Dependency
42
48
  name: minitest
43
49
  requirement: !ruby/object:Gem::Requirement
44
50
  requirements:
45
- - - ">="
51
+ - - "~>"
46
52
  - !ruby/object:Gem::Version
47
- version: 5.3.0
53
+ version: 5.11.0
48
54
  type: :development
49
55
  prerelease: false
50
56
  version_requirements: !ruby/object:Gem::Requirement
51
57
  requirements:
52
- - - ">="
58
+ - - "~>"
53
59
  - !ruby/object:Gem::Version
54
- version: 5.3.0
60
+ version: 5.11.0
55
61
  - !ruby/object:Gem::Dependency
56
62
  name: mocha
57
63
  requirement: !ruby/object:Gem::Requirement
58
64
  requirements:
59
- - - ">="
65
+ - - "~>"
60
66
  - !ruby/object:Gem::Version
61
- version: 0.14.0
67
+ version: 1.6.0
62
68
  type: :development
63
69
  prerelease: false
64
70
  version_requirements: !ruby/object:Gem::Requirement
65
71
  requirements:
66
- - - ">="
72
+ - - "~>"
73
+ - !ruby/object:Gem::Version
74
+ version: 1.6.0
75
+ - !ruby/object:Gem::Dependency
76
+ name: pry
77
+ requirement: !ruby/object:Gem::Requirement
78
+ requirements:
79
+ - - "~>"
80
+ - !ruby/object:Gem::Version
81
+ version: '0.12'
82
+ type: :development
83
+ prerelease: false
84
+ version_requirements: !ruby/object:Gem::Requirement
85
+ requirements:
86
+ - - "~>"
67
87
  - !ruby/object:Gem::Version
68
- version: 0.14.0
88
+ version: '0.12'
69
89
  - !ruby/object:Gem::Dependency
70
90
  name: rack-test
71
91
  requirement: !ruby/object:Gem::Requirement
72
92
  requirements:
73
- - - ">="
93
+ - - "~>"
74
94
  - !ruby/object:Gem::Version
75
- version: '0'
95
+ version: 1.1.0
76
96
  type: :development
77
97
  prerelease: false
78
98
  version_requirements: !ruby/object:Gem::Requirement
79
99
  requirements:
80
- - - ">="
100
+ - - "~>"
101
+ - !ruby/object:Gem::Version
102
+ version: 1.1.0
103
+ - !ruby/object:Gem::Dependency
104
+ name: rake
105
+ requirement: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: 12.3.0
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - "~>"
115
+ - !ruby/object:Gem::Version
116
+ version: 12.3.0
117
+ - !ruby/object:Gem::Dependency
118
+ name: rubocop
119
+ requirement: !ruby/object:Gem::Requirement
120
+ requirements:
121
+ - - "~>"
122
+ - !ruby/object:Gem::Version
123
+ version: 0.80.1
124
+ type: :development
125
+ prerelease: false
126
+ version_requirements: !ruby/object:Gem::Requirement
127
+ requirements:
128
+ - - "~>"
81
129
  - !ruby/object:Gem::Version
82
- version: '0'
83
- description: 'Middleware that will make Rack-based apps CORS compatible. Read more
84
- here: http://blog.sourcebender.com/2010/06/09/introducin-rack-cors.html. Fork the
130
+ version: 0.80.1
131
+ description: 'Middleware that will make Rack-based apps CORS compatible. Fork the
85
132
  project here: https://github.com/cyu/rack-cors'
86
133
  email:
87
134
  - me@sourcebender.com
@@ -89,15 +136,21 @@ executables: []
89
136
  extensions: []
90
137
  extra_rdoc_files: []
91
138
  files:
139
+ - ".rubocop.yml"
92
140
  - ".travis.yml"
93
- - CHANGELOG
141
+ - CHANGELOG.md
94
142
  - Gemfile
95
143
  - LICENSE.txt
96
144
  - README.md
97
145
  - Rakefile
98
146
  - lib/rack/cors.rb
147
+ - lib/rack/cors/resource.rb
148
+ - lib/rack/cors/resources.rb
149
+ - lib/rack/cors/resources/cors_misconfiguration_error.rb
150
+ - lib/rack/cors/result.rb
99
151
  - lib/rack/cors/version.rb
100
152
  - rack-cors.gemspec
153
+ - test/.rubocop.yml
101
154
  - test/cors/expect.js
102
155
  - test/cors/mocha.css
103
156
  - test/cors/mocha.js
@@ -128,12 +181,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
128
181
  - !ruby/object:Gem::Version
129
182
  version: '0'
130
183
  requirements: []
131
- rubyforge_project:
132
- rubygems_version: 2.5.2
184
+ rubygems_version: 3.1.2
133
185
  signing_key:
134
186
  specification_version: 4
135
187
  summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps
136
188
  test_files:
189
+ - test/.rubocop.yml
137
190
  - test/cors/expect.js
138
191
  - test/cors/mocha.css
139
192
  - test/cors/mocha.js