Example 1 with ACCESS_CONTROL_REQUEST_METHOD
use of org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD in project spring-framework by spring-projects.
the class CorsWebFilterTests method validPreFlightRequest.
@Test
public void validPreFlightRequest() throws ServletException, IOException {
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.options("https://domain1.com/test.html").header(HOST, "domain1.com").header(ORIGIN, "https://domain2.com").header(ACCESS_CONTROL_REQUEST_METHOD, HttpMethod.GET.name()).header(ACCESS_CONTROL_REQUEST_HEADERS, "header1, header2"));
WebFilterChain filterChain = filterExchange -> Mono.error(new AssertionError("Preflight requests must not be forwarded to the filter chain"));
filter.filter(exchange, filterChain).block();
HttpHeaders headers = exchange.getResponse().getHeaders();
assertThat(headers.getFirst(ACCESS_CONTROL_ALLOW_ORIGIN)).isEqualTo("https://domain2.com");
assertThat(headers.getFirst(ACCESS_CONTROL_ALLOW_HEADERS)).isEqualTo("header1, header2");
assertThat(headers.getFirst(ACCESS_CONTROL_EXPOSE_HEADERS)).isEqualTo("header3, header4");
assertThat(Long.parseLong(headers.getFirst(ACCESS_CONTROL_MAX_AGE))).isEqualTo(123L);
}
Also used :
ACCESS_CONTROL_EXPOSE_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)
BeforeEach(org.junit.jupiter.api.BeforeEach)
Arrays(java.util.Arrays)
ACCESS_CONTROL_REQUEST_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS)
HttpHeaders(org.springframework.http.HttpHeaders)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
ACCESS_CONTROL_ALLOW_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)
HttpMethod(org.springframework.http.HttpMethod)
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
MockServerWebExchange(org.springframework.web.testfixture.server.MockServerWebExchange)
ACCESS_CONTROL_MAX_AGE(org.springframework.http.HttpHeaders.ACCESS_CONTROL_MAX_AGE)
IOException(java.io.IOException)
Mono(reactor.core.publisher.Mono)
ServletException(jakarta.servlet.ServletException)
ACCESS_CONTROL_REQUEST_METHOD(org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD)
HOST(org.springframework.http.HttpHeaders.HOST)
Test(org.junit.jupiter.api.Test)
MockServerHttpRequest(org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)
ORIGIN(org.springframework.http.HttpHeaders.ORIGIN)
WebFilterChain(org.springframework.web.server.WebFilterChain)
ACCESS_CONTROL_ALLOW_ORIGIN(org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)
HttpHeaders(org.springframework.http.HttpHeaders)
WebFilterChain(org.springframework.web.server.WebFilterChain)
MockServerWebExchange(org.springframework.web.testfixture.server.MockServerWebExchange)
Test(org.junit.jupiter.api.Test)
Example 2 with ACCESS_CONTROL_REQUEST_METHOD
use of org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD in project spring-framework by spring-projects.
the class CorsWebFilterTests method invalidPreFlightRequest.
@Test
public void invalidPreFlightRequest() throws ServletException, IOException {
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.options("https://domain1.com/test.html").header(HOST, "domain1.com").header(ORIGIN, "https://domain2.com").header(ACCESS_CONTROL_REQUEST_METHOD, HttpMethod.DELETE.name()).header(ACCESS_CONTROL_REQUEST_HEADERS, "header1, header2"));
WebFilterChain filterChain = filterExchange -> Mono.error(new AssertionError("Preflight requests must not be forwarded to the filter chain"));
filter.filter(exchange, filterChain).block();
assertThat(exchange.getResponse().getHeaders().getFirst(ACCESS_CONTROL_ALLOW_ORIGIN)).isNull();
}
Also used :
ACCESS_CONTROL_EXPOSE_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)
BeforeEach(org.junit.jupiter.api.BeforeEach)
Arrays(java.util.Arrays)
ACCESS_CONTROL_REQUEST_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS)
HttpHeaders(org.springframework.http.HttpHeaders)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
ACCESS_CONTROL_ALLOW_HEADERS(org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)
HttpMethod(org.springframework.http.HttpMethod)
CorsConfiguration(org.springframework.web.cors.CorsConfiguration)
MockServerWebExchange(org.springframework.web.testfixture.server.MockServerWebExchange)
ACCESS_CONTROL_MAX_AGE(org.springframework.http.HttpHeaders.ACCESS_CONTROL_MAX_AGE)
IOException(java.io.IOException)
Mono(reactor.core.publisher.Mono)
ServletException(jakarta.servlet.ServletException)
ACCESS_CONTROL_REQUEST_METHOD(org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD)
HOST(org.springframework.http.HttpHeaders.HOST)
Test(org.junit.jupiter.api.Test)
MockServerHttpRequest(org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)
ORIGIN(org.springframework.http.HttpHeaders.ORIGIN)
WebFilterChain(org.springframework.web.server.WebFilterChain)
ACCESS_CONTROL_ALLOW_ORIGIN(org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)
WebFilterChain(org.springframework.web.server.WebFilterChain)
MockServerWebExchange(org.springframework.web.testfixture.server.MockServerWebExchange)
Test(org.junit.jupiter.api.Test)
Aggregations
ServletException (jakarta.servlet.ServletException)2
IOException (java.io.IOException)2
Arrays (java.util.Arrays)2
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)2
BeforeEach (org.junit.jupiter.api.BeforeEach)2
Test (org.junit.jupiter.api.Test)2
HttpHeaders (org.springframework.http.HttpHeaders)2
ACCESS_CONTROL_ALLOW_HEADERS (org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)2
ACCESS_CONTROL_ALLOW_ORIGIN (org.springframework.http.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN)2
ACCESS_CONTROL_EXPOSE_HEADERS (org.springframework.http.HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS)2
ACCESS_CONTROL_MAX_AGE (org.springframework.http.HttpHeaders.ACCESS_CONTROL_MAX_AGE)2
ACCESS_CONTROL_REQUEST_HEADERS (org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS)2
ACCESS_CONTROL_REQUEST_METHOD (org.springframework.http.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD)2
HOST (org.springframework.http.HttpHeaders.HOST)2
ORIGIN (org.springframework.http.HttpHeaders.ORIGIN)2
HttpMethod (org.springframework.http.HttpMethod)2
CorsConfiguration (org.springframework.web.cors.CorsConfiguration)2
WebFilterChain (org.springframework.web.server.WebFilterChain)2
MockServerHttpRequest (org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)2
MockServerWebExchange (org.springframework.web.testfixture.server.MockServerWebExchange)2
