rack-cors 1.0.5 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of rack-cors might be problematic. Click here for more details.

Files changed (24) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yaml +39 -0
  3. data/.rubocop.yml +31 -0
  4. data/CHANGELOG.md +26 -0
  5. data/Gemfile +2 -0
  6. data/README.md +56 -35
  7. data/Rakefile +5 -4
  8. data/lib/rack/cors/resource.rb +142 -0
  9. data/lib/rack/cors/resources/cors_misconfiguration_error.rb +14 -0
  10. data/lib/rack/cors/resources.rb +62 -0
  11. data/lib/rack/cors/result.rb +63 -0
  12. data/lib/rack/cors/version.rb +3 -1
  13. data/lib/rack/cors.rb +105 -346
  14. data/rack-cors.gemspec +20 -17
  15. data/test/.rubocop.yml +8 -0
  16. data/test/cors/test.cors.coffee +4 -2
  17. data/test/cors/test.cors.js +6 -2
  18. data/test/unit/cors_test.rb +174 -156
  19. data/test/unit/dsl_test.rb +30 -29
  20. data/test/unit/insecure.ru +2 -0
  21. data/test/unit/non_http.ru +2 -0
  22. data/test/unit/test.ru +24 -20
  23. metadata +52 -17
  24. data/.travis.yml +0 -8
data/test/unit/dsl_test.rb CHANGED
@@ -1,69 +1,70 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rubygems'
2
4
  require 'minitest/autorun'
3
5
  require 'rack/cors'
4
6
 
5
-
6
7
  describe Rack::Cors, 'DSL' do
7
8
  it 'should support explicit config object dsl mode' do
8
- cors = Rack::Cors.new(Proc.new {}) do |cfg|
9
+ cors = Rack::Cors.new(proc {}) do |cfg|
9
10
  cfg.allow do |allow|
10
- allow.origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
11
- source == "http://10.10.10.10:3000" &&
12
- env["USER_AGENT"] == "test-agent"
11
+ allow.origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
12
+ source == 'http://10.10.10.10:3000' &&
13
+ env['USER_AGENT'] == 'test-agent'
13
14
  end
14
- allow.resource '/get-only', :methods => :get
15
- allow.resource '/', :headers => :any
15
+ allow.resource '/get-only', methods: :get
16
+ allow.resource '/', headers: :any
16
17
  end
17
18
  end
18
19
  resources = cors.send :all_resources
19
20
 
20
- resources.length.must_equal 1
21
- resources.first.allow_origin?('http://localhost:3000').must_equal true
22
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
23
- resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
24
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
21
+ _(resources.length).must_equal 1
22
+ _(resources.first.allow_origin?('http://localhost:3000')).must_equal true
23
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
24
+ _(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
25
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
25
26
  end
26
27
 
27
28
  it 'should support implicit config object dsl mode' do
28
- cors = Rack::Cors.new(Proc.new {}) do
29
+ cors = Rack::Cors.new(proc {}) do
29
30
  allow do
30
- origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
31
- source == "http://10.10.10.10:3000" &&
32
- env["USER_AGENT"] == "test-agent"
31
+ origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
32
+ source == 'http://10.10.10.10:3000' &&
33
+ env['USER_AGENT'] == 'test-agent'
33
34
  end
34
- resource '/get-only', :methods => :get
35
- resource '/', :headers => :any
35
+ resource '/get-only', methods: :get
36
+ resource '/', headers: :any
36
37
  end
37
38
  end
38
39
  resources = cors.send :all_resources
39
40
 
40
- resources.length.must_equal 1
41
- resources.first.allow_origin?('http://localhost:3000').must_equal true
42
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
43
- resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
44
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
41
+ _(resources.length).must_equal 1
42
+ _(resources.first.allow_origin?('http://localhost:3000')).must_equal true
43
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
44
+ _(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
45
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
45
46
  end
46
47
 
47
48
  it 'should support "file://" origin' do
48
- cors = Rack::Cors.new(Proc.new {}) do
49
+ cors = Rack::Cors.new(proc {}) do
49
50
  allow do
50
51
  origins 'file://'
51
- resource '/', :headers => :any
52
+ resource '/', headers: :any
52
53
  end
53
54
  end
54
55
  resources = cors.send :all_resources
55
56
 
56
- resources.first.allow_origin?('file://').must_equal true
57
+ _(resources.first.allow_origin?('file://')).must_equal true
57
58
  end
58
59
 
59
60
  it 'should default credentials option to false' do
60
- cors = Rack::Cors.new(Proc.new {}) do
61
+ cors = Rack::Cors.new(proc {}) do
61
62
  allow do
62
63
  origins 'example.net'
63
- resource '/', :headers => :any
64
+ resource '/', headers: :any
64
65
  end
65
66
  end
66
67
  resources = cors.send :all_resources
67
- resources.first.resources.first.credentials.must_equal false
68
+ _(resources.first.resources.first.credentials).must_equal false
68
69
  end
69
70
  end
data/test/unit/insecure.ru CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
5
  use Rack::Cors do
data/test/unit/non_http.ru CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
5
  use Rack::Cors do
data/test/unit/test.ru CHANGED
@@ -1,25 +1,29 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
- #use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
5
+ # use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
4
6
  use Rack::Lint
5
7
  use Rack::Cors do
6
8
  allow do
7
9
  origins 'localhost:3000',
8
10
  '127.0.0.1:3000',
9
- /http:\/\/192\.168\.0\.\d{1,3}(:\d+)?/,
11
+ %r{http://192\.168\.0\.\d{1,3}(:\d+)?},
10
12
  'file://',
11
- /http:\/\/(.*?)\.example\.com/
12
-
13
- resource '/get-only', :methods => :get
14
- resource '/', :headers => :any, :methods => :any
15
- resource '/options', :methods => :options
16
- resource '/single_header', :headers => 'x-domain-token'
17
- resource '/two_headers', :headers => %w{x-domain-token x-requested-with}
18
- resource '/expose_single_header', :expose => 'expose-test'
19
- resource '/expose_multiple_headers', :expose => %w{expose-test-1 expose-test-2}
20
- resource '/conditional', :methods => :get, :if => proc { |env| !!env['HTTP_X_OK'] }
21
- resource '/vary_test', :methods => :get, :vary => %w{ Origin Host }
22
- resource '/patch_test', :methods => :patch
13
+ %r{http://(.*?)\.example\.com},
14
+ 'custom-protocol://abcdefg'
15
+
16
+ resource '/get-only', methods: :get
17
+ resource '/', headers: :any, methods: :any
18
+ resource '/options', methods: :options
19
+ resource '/single_header', headers: 'x-domain-token'
20
+ resource '/two_headers', headers: %w[x-domain-token x-requested-with]
21
+ resource '/expose_single_header', expose: 'expose-test'
22
+ resource '/expose_multiple_headers', expose: %w[expose-test-1 expose-test-2]
23
+ resource '/conditional', methods: :get, if: proc { |env| !!env['HTTP_X_OK'] }
24
+ resource '/vary_test', methods: :get, vary: %w[Origin Host]
25
+ resource '/patch_test', methods: :patch
26
+ resource '/wildcard/*', methods: :any
23
27
  # resource '/file/at/*',
24
28
  # :methods => [:get, :post, :put, :delete],
25
29
  # :headers => :any,
@@ -27,14 +31,14 @@ use Rack::Cors do
27
31
  end
28
32
 
29
33
  allow do
30
- origins do |source,env|
31
- source.end_with?("10.10.10.10:3000")
34
+ origins do |source, _env|
35
+ source.end_with?('10.10.10.10:3000')
32
36
  end
33
37
  resource '/proc-origin'
34
38
  end
35
39
 
36
40
  allow do
37
- origins -> (source, env) { source.end_with?("10.10.10.10:3000") }
41
+ origins ->(source, _env) { source.end_with?('10.10.10.10:3000') }
38
42
  resource '/lambda-origin'
39
43
  end
40
44
 
@@ -42,17 +46,17 @@ use Rack::Cors do
42
46
  origins '*'
43
47
  resource '/public'
44
48
  resource '/public/*'
45
- resource '/public_without_credentials', :credentials => false
49
+ resource '/public_without_credentials', credentials: false
46
50
  end
47
51
 
48
52
  allow do
49
53
  origins 'mucho-grande.com'
50
- resource '/multi-allow-config', :max_age => 600
54
+ resource '/multi-allow-config', max_age: 600
51
55
  end
52
56
 
53
57
  allow do
54
58
  origins '*'
55
- resource '/multi-allow-config', :max_age => 300, :credentials => false
59
+ resource '/multi-allow-config', max_age: 300, credentials: false
56
60
  end
57
61
 
58
62
  allow do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cors
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.5
4
+ version: 2.0.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Calvin Yu
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-11-14 00:00:00.000000000 Z
11
+ date: 2023-03-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: 1.6.0
19
+ version: 2.0.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - ">="
25
25
  - !ruby/object:Gem::Version
26
- version: 1.6.0
26
+ version: 2.0.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: bundler
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -45,61 +45,89 @@ dependencies:
45
45
  - !ruby/object:Gem::Version
46
46
  version: '3'
47
47
  - !ruby/object:Gem::Dependency
48
- name: rake
48
+ name: minitest
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  requirements:
51
51
  - - "~>"
52
52
  - !ruby/object:Gem::Version
53
- version: 12.3.0
53
+ version: 5.11.0
54
54
  type: :development
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - "~>"
59
59
  - !ruby/object:Gem::Version
60
- version: 12.3.0
60
+ version: 5.11.0
61
61
  - !ruby/object:Gem::Dependency
62
- name: minitest
62
+ name: mocha
63
63
  requirement: !ruby/object:Gem::Requirement
64
64
  requirements:
65
65
  - - "~>"
66
66
  - !ruby/object:Gem::Version
67
- version: 5.11.0
67
+ version: 1.6.0
68
68
  type: :development
69
69
  prerelease: false
70
70
  version_requirements: !ruby/object:Gem::Requirement
71
71
  requirements:
72
72
  - - "~>"
73
73
  - !ruby/object:Gem::Version
74
- version: 5.11.0
74
+ version: 1.6.0
75
75
  - !ruby/object:Gem::Dependency
76
- name: mocha
76
+ name: pry
77
77
  requirement: !ruby/object:Gem::Requirement
78
78
  requirements:
79
79
  - - "~>"
80
80
  - !ruby/object:Gem::Version
81
- version: 1.6.0
81
+ version: '0.12'
82
82
  type: :development
83
83
  prerelease: false
84
84
  version_requirements: !ruby/object:Gem::Requirement
85
85
  requirements:
86
86
  - - "~>"
87
87
  - !ruby/object:Gem::Version
88
- version: 1.6.0
88
+ version: '0.12'
89
89
  - !ruby/object:Gem::Dependency
90
90
  name: rack-test
91
91
  requirement: !ruby/object:Gem::Requirement
92
92
  requirements:
93
- - - "~>"
93
+ - - ">="
94
94
  - !ruby/object:Gem::Version
95
95
  version: 1.1.0
96
96
  type: :development
97
97
  prerelease: false
98
98
  version_requirements: !ruby/object:Gem::Requirement
99
99
  requirements:
100
- - - "~>"
100
+ - - ">="
101
101
  - !ruby/object:Gem::Version
102
102
  version: 1.1.0
103
+ - !ruby/object:Gem::Dependency
104
+ name: rake
105
+ requirement: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: 12.3.0
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - "~>"
115
+ - !ruby/object:Gem::Version
116
+ version: 12.3.0
117
+ - !ruby/object:Gem::Dependency
118
+ name: rubocop
119
+ requirement: !ruby/object:Gem::Requirement
120
+ requirements:
121
+ - - "~>"
122
+ - !ruby/object:Gem::Version
123
+ version: 0.80.1
124
+ type: :development
125
+ prerelease: false
126
+ version_requirements: !ruby/object:Gem::Requirement
127
+ requirements:
128
+ - - "~>"
129
+ - !ruby/object:Gem::Version
130
+ version: 0.80.1
103
131
  description: 'Middleware that will make Rack-based apps CORS compatible. Fork the
104
132
  project here: https://github.com/cyu/rack-cors'
105
133
  email:
@@ -108,15 +136,21 @@ executables: []
108
136
  extensions: []
109
137
  extra_rdoc_files: []
110
138
  files:
111
- - ".travis.yml"
139
+ - ".github/workflows/ci.yaml"
140
+ - ".rubocop.yml"
112
141
  - CHANGELOG.md
113
142
  - Gemfile
114
143
  - LICENSE.txt
115
144
  - README.md
116
145
  - Rakefile
117
146
  - lib/rack/cors.rb
147
+ - lib/rack/cors/resource.rb
148
+ - lib/rack/cors/resources.rb
149
+ - lib/rack/cors/resources/cors_misconfiguration_error.rb
150
+ - lib/rack/cors/result.rb
118
151
  - lib/rack/cors/version.rb
119
152
  - rack-cors.gemspec
153
+ - test/.rubocop.yml
120
154
  - test/cors/expect.js
121
155
  - test/cors/mocha.css
122
156
  - test/cors/mocha.js
@@ -147,11 +181,12 @@ required_rubygems_version: !ruby/object:Gem::Requirement
147
181
  - !ruby/object:Gem::Version
148
182
  version: '0'
149
183
  requirements: []
150
- rubygems_version: 3.0.6
184
+ rubygems_version: 3.3.26
151
185
  signing_key:
152
186
  specification_version: 4
153
187
  summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps
154
188
  test_files:
189
+ - test/.rubocop.yml
155
190
  - test/cors/expect.js
156
191
  - test/cors/mocha.css
157
192
  - test/cors/mocha.js
data/.travis.yml DELETED
@@ -1,8 +0,0 @@
1
- language: ruby
2
- sudo: false
3
- rvm:
4
- - 2.2
5
- - 2.3
6
- - 2.4
7
- - 2.5
8
- - 2.6