use of io.helidon.common.http.Headers in project helidon by oracle.
the class MainTest method testGreetingChangeWithCorsAndOtherOrigin.
// After all other tests so we can rely on deterministic greetings.
@Order(100)
@Test
void testGreetingChangeWithCorsAndOtherOrigin() {
WebClientRequestBuilder builder = webClient.put();
Headers headers = builder.headers();
headers.add("Origin", "http://other.com");
headers.add("Host", "here.com");
WebClientResponse r = putResponse("/greet/greeting", new GreetingMessage("Ahoy"), builder);
// Result depends on whether we are using overrides or not.
boolean isOverriding = Config.create().get("cors").exists();
assertEquals(isOverriding ? 204 : 403, r.status().code(), "HTTP response3");
}
use of io.helidon.common.http.Headers in project helidon by oracle.
the class TestDefaultCorsSupport method testOptionsWithCors.
@Test
void testOptionsWithCors() throws ExecutionException, InterruptedException {
WebServer server = null;
WebClient client;
try {
server = WebServer.create(prepRouting(true)).start().toCompletableFuture().get();
client = WebClient.builder().baseUri("http://localhost:" + server.port()).get();
WebClientRequestBuilder reqBuilder = client.options().path("/greet");
Headers h = reqBuilder.headers();
h.add("Origin", "http://foo.com");
h.add("Host", "bar.com");
WebClientResponse response = reqBuilder.submit().toCompletableFuture().get();
WebClientResponseHeaders headers = response.headers();
List<String> allowOrigins = headers.values(CrossOriginConfig.ACCESS_CONTROL_ALLOW_ORIGIN);
assertThat(allowOrigins, contains("*"));
} finally {
if (server != null) {
server.shutdown();
}
}
}
use of io.helidon.common.http.Headers in project helidon by oracle.
the class TestDefaultCorsSupport method testOptionsWithoutCors.
@Test
void testOptionsWithoutCors() throws ExecutionException, InterruptedException {
WebServer server = null;
WebClient client;
try {
server = WebServer.create(prepRouting(false)).start().toCompletableFuture().get();
client = WebClient.builder().baseUri("http://localhost:" + server.port()).get();
WebClientRequestBuilder reqBuilder = client.options().path("/greet");
Headers h = reqBuilder.headers();
h.add("Origin", "http://foo.com");
h.add("Host", "bar.com");
WebClientResponse response = reqBuilder.submit().toCompletableFuture().get();
WebClientResponseHeaders headers = response.headers();
List<String> allowOrigins = headers.values(CrossOriginConfig.ACCESS_CONTROL_ALLOW_ORIGIN);
assertThat(allowOrigins.size(), is(0));
} finally {
if (server != null) {
server.shutdown();
}
}
}
use of io.helidon.common.http.Headers in project helidon by oracle.
the class AbstractCorsTest method test2ErrorResponse.
@Test
void test2ErrorResponse() throws ExecutionException, InterruptedException {
WebClientRequestBuilder reqBuilder = client().get().path(path(SERVICE_2) + "/notfound").contentType(MediaType.TEXT_PLAIN);
Headers headers = reqBuilder.headers();
headers.add(ORIGIN, "http://foo.bar");
WebClientResponse res = reqBuilder.submit().toCompletableFuture().get();
assertThat(res.status(), is(not(Http.Status.OK_200)));
assertThat(res.headers().first(ACCESS_CONTROL_ALLOW_ORIGIN), is(Optional.empty()));
}
use of io.helidon.common.http.Headers in project helidon by oracle.
the class AbstractCorsTest method test1PreFlightAllowedHeaders2.
@Test
void test1PreFlightAllowedHeaders2() throws ExecutionException, InterruptedException {
WebClientRequestBuilder reqBuilder = client().options().path(path(SERVICE_1));
Headers headers = reqBuilder.headers();
headers.add(ORIGIN, "http://foo.bar");
headers.add(ACCESS_CONTROL_REQUEST_METHOD, "PUT");
headers.add(ACCESS_CONTROL_REQUEST_HEADERS, "X-foo, X-bar");
WebClientResponse res = reqBuilder.request().toCompletableFuture().get();
assertThat(res.status(), is(Http.Status.OK_200));
assertThat(res.headers().first(ACCESS_CONTROL_ALLOW_ORIGIN), present(is("http://foo.bar")));
assertThat(res.headers().first(ACCESS_CONTROL_ALLOW_METHODS), present(is("PUT")));
assertThat(res.headers().first(ACCESS_CONTROL_ALLOW_HEADERS), present(containsString("X-foo")));
assertThat(res.headers().first(ACCESS_CONTROL_ALLOW_HEADERS), present(containsString("X-bar")));
assertThat(res.headers().first(ACCESS_CONTROL_MAX_AGE), present(is("3600")));
}
Aggregations