use of org.springframework.web.server.ServerWebExchange in project spring-framework by spring-projects.
the class DefaultCorsProcessorTests method preflightRequestWithNullConfig.
@Test
public void preflightRequestWithNullConfig() throws Exception {
ServerWebExchange exchange = preFlightRequest().header(ACCESS_CONTROL_REQUEST_METHOD, "GET").toExchange();
this.conf.addAllowedOrigin("*");
this.processor.processRequest(null, exchange);
ServerHttpResponse response = exchange.getResponse();
assertFalse(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_ORIGIN));
assertEquals(HttpStatus.FORBIDDEN, response.getStatusCode());
}
use of org.springframework.web.server.ServerWebExchange in project spring-framework by spring-projects.
the class DefaultCorsProcessorTests method actualRequestWithOriginHeaderAndNullConfig.
@Test
public void actualRequestWithOriginHeaderAndNullConfig() throws Exception {
ServerWebExchange exchange = actualRequest();
this.processor.processRequest(null, exchange);
ServerHttpResponse response = exchange.getResponse();
assertFalse(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_ORIGIN));
assertNull(response.getStatusCode());
}
use of org.springframework.web.server.ServerWebExchange in project spring-framework by spring-projects.
the class DefaultCorsProcessorTests method actualRequestExposedHeaders.
@Test
public void actualRequestExposedHeaders() throws Exception {
ServerWebExchange exchange = actualRequest();
this.conf.addExposedHeader("header1");
this.conf.addExposedHeader("header2");
this.conf.addAllowedOrigin("http://domain2.com");
this.processor.processRequest(this.conf, exchange);
ServerHttpResponse response = exchange.getResponse();
assertTrue(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_ORIGIN));
assertEquals("http://domain2.com", response.getHeaders().getFirst(ACCESS_CONTROL_ALLOW_ORIGIN));
assertTrue(response.getHeaders().containsKey(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS));
assertTrue(response.getHeaders().getFirst(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS).contains("header1"));
assertTrue(response.getHeaders().getFirst(HttpHeaders.ACCESS_CONTROL_EXPOSE_HEADERS).contains("header2"));
assertNull(response.getStatusCode());
}
use of org.springframework.web.server.ServerWebExchange in project spring-framework by spring-projects.
the class DefaultCorsProcessorTests method preflightRequestWithEmptyHeaders.
@Test
public void preflightRequestWithEmptyHeaders() throws Exception {
ServerWebExchange exchange = preFlightRequest().header(ACCESS_CONTROL_REQUEST_METHOD, "GET").header(ACCESS_CONTROL_REQUEST_HEADERS, "").toExchange();
this.conf.addAllowedHeader("*");
this.conf.addAllowedOrigin("http://domain2.com");
this.processor.processRequest(this.conf, exchange);
ServerHttpResponse response = exchange.getResponse();
assertTrue(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_ORIGIN));
assertFalse(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_HEADERS));
assertNull(response.getStatusCode());
}
use of org.springframework.web.server.ServerWebExchange in project spring-framework by spring-projects.
the class DefaultCorsProcessorTests method preflightRequestAllowsAllHeaders.
@Test
public void preflightRequestAllowsAllHeaders() throws Exception {
ServerWebExchange exchange = preFlightRequest().header(ACCESS_CONTROL_REQUEST_METHOD, "GET").header(ACCESS_CONTROL_REQUEST_HEADERS, "Header1, Header2").toExchange();
this.conf.addAllowedHeader("*");
this.conf.addAllowedOrigin("http://domain2.com");
this.processor.processRequest(this.conf, exchange);
ServerHttpResponse response = exchange.getResponse();
assertTrue(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_ORIGIN));
assertTrue(response.getHeaders().containsKey(ACCESS_CONTROL_ALLOW_HEADERS));
assertTrue(response.getHeaders().getFirst(ACCESS_CONTROL_ALLOW_HEADERS).contains("Header1"));
assertTrue(response.getHeaders().getFirst(ACCESS_CONTROL_ALLOW_HEADERS).contains("Header2"));
assertFalse(response.getHeaders().getFirst(ACCESS_CONTROL_ALLOW_HEADERS).contains("*"));
assertNull(response.getStatusCode());
}
Aggregations