rack-cors 2.0.1 → 2.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +5 -7
- data/lib/rack/cors/resource.rb +1 -1
- data/lib/rack/cors/version.rb +1 -1
- metadata +7 -36
- data/.github/workflows/ci.yaml +0 -39
- data/.rubocop.yml +0 -31
- data/Gemfile +0 -8
- data/Rakefile +0 -22
- data/rack-cors.gemspec +0 -30
- data/test/.rubocop.yml +0 -8
- data/test/cors/expect.js +0 -1286
- data/test/cors/mocha.css +0 -250
- data/test/cors/mocha.js +0 -5373
- data/test/cors/runner.html +0 -20
- data/test/cors/test.cors.coffee +0 -49
- data/test/cors/test.cors.js +0 -79
- data/test/unit/cors_test.rb +0 -540
- data/test/unit/dsl_test.rb +0 -70
- data/test/unit/insecure.ru +0 -10
- data/test/unit/non_http.ru +0 -10
- data/test/unit/test.ru +0 -66
data/test/unit/dsl_test.rb
DELETED
@@ -1,70 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'rubygems'
|
4
|
-
require 'minitest/autorun'
|
5
|
-
require 'rack/cors'
|
6
|
-
|
7
|
-
describe Rack::Cors, 'DSL' do
|
8
|
-
it 'should support explicit config object dsl mode' do
|
9
|
-
cors = Rack::Cors.new(proc {}) do |cfg|
|
10
|
-
cfg.allow do |allow|
|
11
|
-
allow.origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
|
12
|
-
source == 'http://10.10.10.10:3000' &&
|
13
|
-
env['USER_AGENT'] == 'test-agent'
|
14
|
-
end
|
15
|
-
allow.resource '/get-only', methods: :get
|
16
|
-
allow.resource '/', headers: :any
|
17
|
-
end
|
18
|
-
end
|
19
|
-
resources = cors.send :all_resources
|
20
|
-
|
21
|
-
_(resources.length).must_equal 1
|
22
|
-
_(resources.first.allow_origin?('http://localhost:3000')).must_equal true
|
23
|
-
_(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
|
24
|
-
_(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
|
25
|
-
_(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
|
26
|
-
end
|
27
|
-
|
28
|
-
it 'should support implicit config object dsl mode' do
|
29
|
-
cors = Rack::Cors.new(proc {}) do
|
30
|
-
allow do
|
31
|
-
origins 'localhost:3000', '127.0.0.1:3000' do |source, env|
|
32
|
-
source == 'http://10.10.10.10:3000' &&
|
33
|
-
env['USER_AGENT'] == 'test-agent'
|
34
|
-
end
|
35
|
-
resource '/get-only', methods: :get
|
36
|
-
resource '/', headers: :any
|
37
|
-
end
|
38
|
-
end
|
39
|
-
resources = cors.send :all_resources
|
40
|
-
|
41
|
-
_(resources.length).must_equal 1
|
42
|
-
_(resources.first.allow_origin?('http://localhost:3000')).must_equal true
|
43
|
-
_(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'test-agent' })).must_equal true
|
44
|
-
_(resources.first.allow_origin?('http://10.10.10.10:3001', { 'USER_AGENT' => 'test-agent' })).wont_equal true
|
45
|
-
_(resources.first.allow_origin?('http://10.10.10.10:3000', { 'USER_AGENT' => 'other-agent' })).wont_equal true
|
46
|
-
end
|
47
|
-
|
48
|
-
it 'should support "file://" origin' do
|
49
|
-
cors = Rack::Cors.new(proc {}) do
|
50
|
-
allow do
|
51
|
-
origins 'file://'
|
52
|
-
resource '/', headers: :any
|
53
|
-
end
|
54
|
-
end
|
55
|
-
resources = cors.send :all_resources
|
56
|
-
|
57
|
-
_(resources.first.allow_origin?('file://')).must_equal true
|
58
|
-
end
|
59
|
-
|
60
|
-
it 'should default credentials option to false' do
|
61
|
-
cors = Rack::Cors.new(proc {}) do
|
62
|
-
allow do
|
63
|
-
origins 'example.net'
|
64
|
-
resource '/', headers: :any
|
65
|
-
end
|
66
|
-
end
|
67
|
-
resources = cors.send :all_resources
|
68
|
-
_(resources.first.resources.first.credentials).must_equal false
|
69
|
-
end
|
70
|
-
end
|
data/test/unit/insecure.ru
DELETED
data/test/unit/non_http.ru
DELETED
data/test/unit/test.ru
DELETED
@@ -1,66 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'rack/cors'
|
4
|
-
|
5
|
-
# use Rack::Cors, :debug => true, :logger => ::Logger.new(STDOUT) do
|
6
|
-
use Rack::Lint
|
7
|
-
use Rack::Cors do
|
8
|
-
allow do
|
9
|
-
origins 'localhost:3000',
|
10
|
-
'127.0.0.1:3000',
|
11
|
-
%r{http://192\.168\.0\.\d{1,3}(:\d+)?},
|
12
|
-
'file://',
|
13
|
-
%r{http://(.*?)\.example\.com},
|
14
|
-
'custom-protocol://abcdefg'
|
15
|
-
|
16
|
-
resource '/get-only', methods: :get
|
17
|
-
resource '/', headers: :any, methods: :any
|
18
|
-
resource '/options', methods: :options
|
19
|
-
resource '/single_header', headers: 'x-domain-token'
|
20
|
-
resource '/two_headers', headers: %w[x-domain-token x-requested-with]
|
21
|
-
resource '/expose_single_header', expose: 'expose-test'
|
22
|
-
resource '/expose_multiple_headers', expose: %w[expose-test-1 expose-test-2]
|
23
|
-
resource '/conditional', methods: :get, if: proc { |env| !!env['HTTP_X_OK'] }
|
24
|
-
resource '/vary_test', methods: :get, vary: %w[Origin Host]
|
25
|
-
resource '/patch_test', methods: :patch
|
26
|
-
resource '/wildcard/*', methods: :any
|
27
|
-
# resource '/file/at/*',
|
28
|
-
# :methods => [:get, :post, :put, :delete],
|
29
|
-
# :headers => :any,
|
30
|
-
# :max_age => 0
|
31
|
-
end
|
32
|
-
|
33
|
-
allow do
|
34
|
-
origins do |source, _env|
|
35
|
-
source.end_with?('10.10.10.10:3000')
|
36
|
-
end
|
37
|
-
resource '/proc-origin'
|
38
|
-
end
|
39
|
-
|
40
|
-
allow do
|
41
|
-
origins ->(source, _env) { source.end_with?('10.10.10.10:3000') }
|
42
|
-
resource '/lambda-origin'
|
43
|
-
end
|
44
|
-
|
45
|
-
allow do
|
46
|
-
origins '*'
|
47
|
-
resource '/public'
|
48
|
-
resource '/public/*'
|
49
|
-
resource '/public_without_credentials', credentials: false
|
50
|
-
end
|
51
|
-
|
52
|
-
allow do
|
53
|
-
origins 'mucho-grande.com'
|
54
|
-
resource '/multi-allow-config', max_age: 600
|
55
|
-
end
|
56
|
-
|
57
|
-
allow do
|
58
|
-
origins '*'
|
59
|
-
resource '/multi-allow-config', max_age: 300, credentials: false
|
60
|
-
end
|
61
|
-
|
62
|
-
allow do
|
63
|
-
origins ''
|
64
|
-
resource '/blank-origin'
|
65
|
-
end
|
66
|
-
end
|