Example 6 with ACCESS_CONTROL_ALLOW_ORIGIN
use of org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN in project spring-framework by spring-projects.
the class CorsWebFilterTests method invalidActualRequest.
@Test
public void invalidActualRequest() throws ServletException, IOException {
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.delete("https://domain1.com/test.html").header(HOST, "domain1.com").header(ORIGIN, "https://domain2.com").header("header2", "foo"));
WebFilterChain filterChain = filterExchange -> Mono.error(new AssertionError("Invalid requests must not be forwarded to the filter chain"));
filter.filter(exchange, filterChain).block();
assertThat(exchange.getResponse().getHeaders().getFirst(ACCESS_CONTROL_ALLOW_ORIGIN)).isNull();
}
Also used :
ACCESS_CONTROL_EXPOSE_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)
BeforeEach(org.junit.jupiter.api.BeforeEach)
Arrays(java.util.Arrays)
ACCESS_CONTROL_REQUEST_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS)
HttpHeaders(org.springframework.http.HttpHeaders)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
ACCESS_CONTROL_ALLOW_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)
HttpMethod(org.springframework.http.HttpMethod)
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
MockServerWebExchange(org.springframework.web.testfixture.server.MockServerWebExchange)
ACCESS_CONTROL_MAX_AGE(org.springframework.http.HttpHeaders.ACCESS_CONTROL_MAX_AGE)
IOException(java.io.IOException)
Mono(reactor.core.publisher.Mono)
ServletException(jakarta.servlet.ServletException)
ACCESS_CONTROL_REQUEST_METHOD(org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD)
HOST(org.springframework.http.HttpHeaders.HOST)
Test(org.junit.jupiter.api.Test)
MockServerHttpRequest(org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)
ORIGIN(org.springframework.http.HttpHeaders.ORIGIN)
WebFilterChain(org.springframework.web.server.WebFilterChain)
ACCESS_CONTROL_ALLOW_ORIGIN(org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)
WebFilterChain(org.springframework.web.server.WebFilterChain)
MockServerWebExchange(org.springframework.web.testfixture.server.MockServerWebExchange)
Test(org.junit.jupiter.api.Test)
Aggregations
ServletException (jakarta.servlet.ServletException)6
IOException (java.io.IOException)6
Arrays (java.util.Arrays)6
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)6
BeforeEach (org.junit.jupiter.api.BeforeEach)6
Test (org.junit.jupiter.api.Test)6
HttpHeaders (org.springframework.http.HttpHeaders)6
ACCESS_CONTROL_ALLOW_HEADERS (org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)6
ACCESS_CONTROL_ALLOW_ORIGIN (org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)6
ACCESS_CONTROL_EXPOSE_HEADERS (org.springframework.http.HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)6
ACCESS_CONTROL_MAX_AGE (org.springframework.http.HttpHeaders.ACCESS_CONTROL_MAX_AGE)6
ACCESS_CONTROL_REQUEST_HEADERS (org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS)6
ACCESS_CONTROL_REQUEST_METHOD (org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD)6
HOST (org.springframework.http.HttpHeaders.HOST)6
ORIGIN (org.springframework.http.HttpHeaders.ORIGIN)6
HttpMethod (org.springframework.http.HttpMethod)6
CorsConfiguration (org.springframework.web.cors.CorsConfiguration)6
WebFilterChain (org.springframework.web.server.WebFilterChain)6
MockServerHttpRequest (org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)6
MockServerWebExchange (org.springframework.web.testfixture.server.MockServerWebExchange)6
