use of org.graylog.shaded.elasticsearch7.org.elasticsearch.client.Response in project elasticsearch by elastic.
the class CorsNotSetIT method testCorsSettingDefaultBehaviourDoesNotReturnAnything.
public void testCorsSettingDefaultBehaviourDoesNotReturnAnything() throws IOException {
String corsValue = "http://localhost:9200";
Response response = getRestClient().performRequest("GET", "/", new BasicHeader("User-Agent", "Mozilla Bar"), new BasicHeader("Origin", corsValue));
assertThat(response.getStatusLine().getStatusCode(), is(200));
assertThat(response.getHeader("Access-Control-Allow-Origin"), nullValue());
assertThat(response.getHeader("Access-Control-Allow-Credentials"), nullValue());
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.client.Response in project elasticsearch by elastic.
the class CorsRegexIT method testThatPreFlightRequestReturnsNullOnNonMatch.
public void testThatPreFlightRequestReturnsNullOnNonMatch() throws IOException {
try {
getRestClient().performRequest("OPTIONS", "/", new BasicHeader("User-Agent", "Mozilla Bar"), new BasicHeader("Origin", "http://evil-host:9200"), new BasicHeader("Access-Control-Request-Method", "GET"));
fail("request should have failed");
} catch (ResponseException e) {
Response response = e.getResponse();
// a rejected origin gets a FORBIDDEN - 403
assertThat(response.getStatusLine().getStatusCode(), is(403));
assertThat(response.getHeader("Access-Control-Allow-Origin"), nullValue());
assertThat(response.getHeader("Access-Control-Allow-Methods"), nullValue());
}
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.client.Response in project elasticsearch by elastic.
the class CorsRegexIT method testThatRegularExpressionIsNotAppliedWithoutCorrectBrowserOnMatch.
public void testThatRegularExpressionIsNotAppliedWithoutCorrectBrowserOnMatch() throws IOException {
Response response = getRestClient().performRequest("GET", "/");
assertThat(response.getStatusLine().getStatusCode(), is(200));
assertThat(response.getHeader("Access-Control-Allow-Origin"), nullValue());
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.client.Response in project elasticsearch by elastic.
the class CorsRegexIT method testThatRegularExpressionWorksOnMatch.
public void testThatRegularExpressionWorksOnMatch() throws IOException {
String corsValue = "http://localhost:9200";
Response response = getRestClient().performRequest("GET", "/", new BasicHeader("User-Agent", "Mozilla Bar"), new BasicHeader("Origin", corsValue));
assertResponseWithOriginheader(response, corsValue);
corsValue = "https://localhost:9200";
response = getRestClient().performRequest("GET", "/", new BasicHeader("User-Agent", "Mozilla Bar"), new BasicHeader("Origin", corsValue));
assertResponseWithOriginheader(response, corsValue);
assertThat(response.getHeader("Access-Control-Allow-Credentials"), is("true"));
}
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.client.Response in project elasticsearch by elastic.
the class CorsRegexIT method testThatPreFlightRequestWorksOnMatch.
public void testThatPreFlightRequestWorksOnMatch() throws IOException {
String corsValue = "http://localhost:9200";
Response response = getRestClient().performRequest("OPTIONS", "/", new BasicHeader("User-Agent", "Mozilla Bar"), new BasicHeader("Origin", corsValue), new BasicHeader("Access-Control-Request-Method", "GET"));
assertResponseWithOriginheader(response, corsValue);
assertNotNull(response.getHeader("Access-Control-Allow-Methods"));
}
Aggregations