rack-cors 1.1.1 → 2.0.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +31 -0
  3. data/.travis.yml +6 -1
  4. data/CHANGELOG.md +6 -0
  5. data/Gemfile +2 -0
  6. data/README.md +43 -33
  7. data/Rakefile +5 -4
  8. data/lib/rack/cors/resource.rb +132 -0
  9. data/lib/rack/cors/resources/cors_misconfiguration_error.rb +14 -0
  10. data/lib/rack/cors/resources.rb +62 -0
  11. data/lib/rack/cors/result.rb +63 -0
  12. data/lib/rack/cors/version.rb +3 -1
  13. data/lib/rack/cors.rb +101 -354
  14. data/rack-cors.gemspec +20 -17
  15. data/test/.rubocop.yml +8 -0
  16. data/test/cors/test.cors.coffee +4 -2
  17. data/test/cors/test.cors.js +6 -2
  18. data/test/unit/cors_test.rb +164 -158
  19. data/test/unit/dsl_test.rb +30 -29
  20. data/test/unit/insecure.ru +2 -0
  21. data/test/unit/non_http.ru +2 -0
  22. data/test/unit/test.ru +24 -21
  23. metadata +49 -14
data/test/unit/dsl_test.rb CHANGED
@@ -1,69 +1,70 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rubygems'
2
4
  require 'minitest/autorun'
3
5
  require 'rack/cors'
4
6
 
5
-
6
7
  describe Rack::Cors, 'DSL' do
7
8
  it 'should support explicit config object dsl mode' do
8
- cors = Rack::Cors.new(Proc.new {}) do |cfg|
9
+ cors = Rack::Cors.new(proc {}) do |cfg|
9
10
  cfg.allow do |allow|
10
- allow.origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
11
- source == "http://10.10.10.10:3000" &&
12
- env["USER_AGENT"] == "test-agent"
11
+ allow.origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
12
+ source == 'http://10.10.10.10:3000' &&
13
+ env['USER_AGENT'] == 'test-agent'
13
14
  end
14
- allow.resource '/get-only', :methods => :get
15
- allow.resource '/', :headers => :any
15
+ allow.resource '/get-only', methods: :get
16
+ allow.resource '/', headers: :any
16
17
  end
17
18
  end
18
19
  resources = cors.send :all_resources
19
20
 
20
- resources.length.must_equal 1
21
- resources.first.allow_origin?('http://localhost:3000').must_equal true
22
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
23
- resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
24
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
21
+ _(resources.length).must_equal 1
22
+ _(resources.first.allow_origin?('http://localhost:3000')).must_equal true
23
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
24
+ _(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
25
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
25
26
  end
26
27
 
27
28
  it 'should support implicit config object dsl mode' do
28
- cors = Rack::Cors.new(Proc.new {}) do
29
+ cors = Rack::Cors.new(proc {}) do
29
30
  allow do
30
- origins 'localhost:3000', '127.0.0.1:3000' do |source,env|
31
- source == "http://10.10.10.10:3000" &&
32
- env["USER_AGENT"] == "test-agent"
31
+ origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
32
+ source == 'http://10.10.10.10:3000' &&
33
+ env['USER_AGENT'] == 'test-agent'
33
34
  end
34
- resource '/get-only', :methods => :get
35
- resource '/', :headers => :any
35
+ resource '/get-only', methods: :get
36
+ resource '/', headers: :any
36
37
  end
37
38
  end
38
39
  resources = cors.send :all_resources
39
40
 
40
- resources.length.must_equal 1
41
- resources.first.allow_origin?('http://localhost:3000').must_equal true
42
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "test-agent" }).must_equal true
43
- resources.first.allow_origin?('http://10.10.10.10:3001',{"USER_AGENT" => "test-agent" }).wont_equal true
44
- resources.first.allow_origin?('http://10.10.10.10:3000',{"USER_AGENT" => "other-agent"}).wont_equal true
41
+ _(resources.length).must_equal 1
42
+ _(resources.first.allow_origin?('http://localhost:3000')).must_equal true
43
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
44
+ _(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
45
+ _(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
45
46
  end
46
47
 
47
48
  it 'should support "file://" origin' do
48
- cors = Rack::Cors.new(Proc.new {}) do
49
+ cors = Rack::Cors.new(proc {}) do
49
50
  allow do
50
51
  origins 'file://'
51
- resource '/', :headers => :any
52
+ resource '/', headers: :any
52
53
  end
53
54
  end
54
55
  resources = cors.send :all_resources
55
56
 
56
- resources.first.allow_origin?('file://').must_equal true
57
+ _(resources.first.allow_origin?('file://')).must_equal true
57
58
  end
58
59
 
59
60
  it 'should default credentials option to false' do
60
- cors = Rack::Cors.new(Proc.new {}) do
61
+ cors = Rack::Cors.new(proc {}) do
61
62
  allow do
62
63
  origins 'example.net'
63
- resource '/', :headers => :any
64
+ resource '/', headers: :any
64
65
  end
65
66
  end
66
67
  resources = cors.send :all_resources
67
- resources.first.resources.first.credentials.must_equal false
68
+ _(resources.first.resources.first.credentials).must_equal false
68
69
  end
69
70
  end
data/test/unit/insecure.ru CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
5
  use Rack::Cors do
data/test/unit/non_http.ru CHANGED
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
5
  use Rack::Cors do
data/test/unit/test.ru CHANGED
@@ -1,26 +1,29 @@
1
+ # frozen_string_literal: true
2
+
1
3
  require 'rack/cors'
2
4
 
3
- #use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
5
+ # use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
4
6
  use Rack::Lint
5
7
  use Rack::Cors do
6
8
  allow do
7
9
  origins 'localhost:3000',
8
10
  '127.0.0.1:3000',
9
- /http:\/\/192\.168\.0\.\d{1,3}(:\d+)?/,
11
+ %r{http://192\.168\.0\.\d{1,3}(:\d+)?},
10
12
  'file://',
11
- /http:\/\/(.*?)\.example\.com/
12
-
13
- resource '/get-only', :methods => :get
14
- resource '/', :headers => :any, :methods => :any
15
- resource '/options', :methods => :options
16
- resource '/single_header', :headers => 'x-domain-token'
17
- resource '/two_headers', :headers => %w{x-domain-token x-requested-with}
18
- resource '/expose_single_header', :expose => 'expose-test'
19
- resource '/expose_multiple_headers', :expose => %w{expose-test-1 expose-test-2}
20
- resource '/conditional', :methods => :get, :if => proc { |env| !!env['HTTP_X_OK'] }
21
- resource '/vary_test', :methods => :get, :vary => %w{ Origin Host }
22
- resource '/patch_test', :methods => :patch
23
- resource '/wildcard/*', :methods => :any
13
+ %r{http://(.*?)\.example\.com},
14
+ 'custom-protocol://abcdefg'
15
+
16
+ resource '/get-only', methods: :get
17
+ resource '/', headers: :any, methods: :any
18
+ resource '/options', methods: :options
19
+ resource '/single_header', headers: 'x-domain-token'
20
+ resource '/two_headers', headers: %w[x-domain-token x-requested-with]
21
+ resource '/expose_single_header', expose: 'expose-test'
22
+ resource '/expose_multiple_headers', expose: %w[expose-test-1 expose-test-2]
23
+ resource '/conditional', methods: :get, if: proc { |env| !!env['HTTP_X_OK'] }
24
+ resource '/vary_test', methods: :get, vary: %w[Origin Host]
25
+ resource '/patch_test', methods: :patch
26
+ resource '/wildcard/*', methods: :any
24
27
  # resource '/file/at/*',
25
28
  # :methods => [:get, :post, :put, :delete],
26
29
  # :headers => :any,
@@ -28,14 +31,14 @@ use Rack::Cors do
28
31
  end
29
32
 
30
33
  allow do
31
- origins do |source,env|
32
- source.end_with?("10.10.10.10:3000")
34
+ origins do |source, _env|
35
+ source.end_with?('10.10.10.10:3000')
33
36
  end
34
37
  resource '/proc-origin'
35
38
  end
36
39
 
37
40
  allow do
38
- origins -> (source, env) { source.end_with?("10.10.10.10:3000") }
41
+ origins ->(source, _env) { source.end_with?('10.10.10.10:3000') }
39
42
  resource '/lambda-origin'
40
43
  end
41
44
 
@@ -43,17 +46,17 @@ use Rack::Cors do
43
46
  origins '*'
44
47
  resource '/public'
45
48
  resource '/public/*'
46
- resource '/public_without_credentials', :credentials => false
49
+ resource '/public_without_credentials', credentials: false
47
50
  end
48
51
 
49
52
  allow do
50
53
  origins 'mucho-grande.com'
51
- resource '/multi-allow-config', :max_age => 600
54
+ resource '/multi-allow-config', max_age: 600
52
55
  end
53
56
 
54
57
  allow do
55
58
  origins '*'
56
- resource '/multi-allow-config', :max_age => 300, :credentials => false
59
+ resource '/multi-allow-config', max_age: 300, credentials: false
57
60
  end
58
61
 
59
62
  allow do
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-cors
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 2.0.0.rc1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Calvin Yu
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-12-30 00:00:00.000000000 Z
11
+ date: 2022-09-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rack
@@ -45,47 +45,47 @@ dependencies:
45
45
  - !ruby/object:Gem::Version
46
46
  version: '3'
47
47
  - !ruby/object:Gem::Dependency
48
- name: rake
48
+ name: minitest
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  requirements:
51
51
  - - "~>"
52
52
  - !ruby/object:Gem::Version
53
- version: 12.3.0
53
+ version: 5.11.0
54
54
  type: :development
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - "~>"
59
59
  - !ruby/object:Gem::Version
60
- version: 12.3.0
60
+ version: 5.11.0
61
61
  - !ruby/object:Gem::Dependency
62
- name: minitest
62
+ name: mocha
63
63
  requirement: !ruby/object:Gem::Requirement
64
64
  requirements:
65
65
  - - "~>"
66
66
  - !ruby/object:Gem::Version
67
- version: 5.11.0
67
+ version: 1.6.0
68
68
  type: :development
69
69
  prerelease: false
70
70
  version_requirements: !ruby/object:Gem::Requirement
71
71
  requirements:
72
72
  - - "~>"
73
73
  - !ruby/object:Gem::Version
74
- version: 5.11.0
74
+ version: 1.6.0
75
75
  - !ruby/object:Gem::Dependency
76
- name: mocha
76
+ name: pry
77
77
  requirement: !ruby/object:Gem::Requirement
78
78
  requirements:
79
79
  - - "~>"
80
80
  - !ruby/object:Gem::Version
81
- version: 1.6.0
81
+ version: '0.12'
82
82
  type: :development
83
83
  prerelease: false
84
84
  version_requirements: !ruby/object:Gem::Requirement
85
85
  requirements:
86
86
  - - "~>"
87
87
  - !ruby/object:Gem::Version
88
- version: 1.6.0
88
+ version: '0.12'
89
89
  - !ruby/object:Gem::Dependency
90
90
  name: rack-test
91
91
  requirement: !ruby/object:Gem::Requirement
@@ -100,6 +100,34 @@ dependencies:
100
100
  - - "~>"
101
101
  - !ruby/object:Gem::Version
102
102
  version: 1.1.0
103
+ - !ruby/object:Gem::Dependency
104
+ name: rake
105
+ requirement: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - "~>"
108
+ - !ruby/object:Gem::Version
109
+ version: 12.3.0
110
+ type: :development
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - "~>"
115
+ - !ruby/object:Gem::Version
116
+ version: 12.3.0
117
+ - !ruby/object:Gem::Dependency
118
+ name: rubocop
119
+ requirement: !ruby/object:Gem::Requirement
120
+ requirements:
121
+ - - "~>"
122
+ - !ruby/object:Gem::Version
123
+ version: 0.80.1
124
+ type: :development
125
+ prerelease: false
126
+ version_requirements: !ruby/object:Gem::Requirement
127
+ requirements:
128
+ - - "~>"
129
+ - !ruby/object:Gem::Version
130
+ version: 0.80.1
103
131
  description: 'Middleware that will make Rack-based apps CORS compatible. Fork the
104
132
  project here: https://github.com/cyu/rack-cors'
105
133
  email:
@@ -108,6 +136,7 @@ executables: []
108
136
  extensions: []
109
137
  extra_rdoc_files: []
110
138
  files:
139
+ - ".rubocop.yml"
111
140
  - ".travis.yml"
112
141
  - CHANGELOG.md
113
142
  - Gemfile
@@ -115,8 +144,13 @@ files:
115
144
  - README.md
116
145
  - Rakefile
117
146
  - lib/rack/cors.rb
147
+ - lib/rack/cors/resource.rb
148
+ - lib/rack/cors/resources.rb
149
+ - lib/rack/cors/resources/cors_misconfiguration_error.rb
150
+ - lib/rack/cors/result.rb
118
151
  - lib/rack/cors/version.rb
119
152
  - rack-cors.gemspec
153
+ - test/.rubocop.yml
120
154
  - test/cors/expect.js
121
155
  - test/cors/mocha.css
122
156
  - test/cors/mocha.js
@@ -143,15 +177,16 @@ required_ruby_version: !ruby/object:Gem::Requirement
143
177
  version: '0'
144
178
  required_rubygems_version: !ruby/object:Gem::Requirement
145
179
  requirements:
146
- - - ">="
180
+ - - ">"
147
181
  - !ruby/object:Gem::Version
148
- version: '0'
182
+ version: 1.3.1
149
183
  requirements: []
150
- rubygems_version: 3.0.3
184
+ rubygems_version: 3.3.10
151
185
  signing_key:
152
186
  specification_version: 4
153
187
  summary: Middleware for enabling Cross-Origin Resource Sharing in Rack apps
154
188
  test_files:
189
+ - test/.rubocop.yml
155
190
  - test/cors/expect.js
156
191
  - test/cors/mocha.css
157
192
  - test/cors/mocha.js