public async Task CorsRequest_MatchPolicy_SetsResponseHeaders() { // Arrange var appBuilder = new WebApplicationBuilder() .Configure(app => { app.UseCors(builder => builder.WithOrigins("http://localhost:5001") .WithMethods("PUT") .WithHeaders("Header1") .WithExposedHeaders("AllowedHeader")); app.Run(async context => { await context.Response.WriteAsync("Cross origin response"); }); }) .ConfigureServices(services => services.AddCors()); using (var server = new TestServer(appBuilder)) { // Act // Actual request. var response = await server.CreateRequest("/") .AddHeader(CorsConstants.Origin, "http://localhost:5001") .SendAsync("PUT"); // Assert response.EnsureSuccessStatusCode(); Assert.Equal(2, response.Headers.Count()); Assert.Equal("Cross origin response", await response.Content.ReadAsStringAsync()); Assert.Equal("http://localhost:5001", response.Headers.GetValues(CorsConstants.AccessControlAllowOrigin).FirstOrDefault()); Assert.Equal("AllowedHeader", response.Headers.GetValues(CorsConstants.AccessControlExposeHeaders).FirstOrDefault()); } }
public void AddRequestHeader() { var builder = new WebApplicationBuilder().Configure(app => { }); var server = new TestServer(builder); server.CreateRequest("/") .AddHeader("Host", "MyHost:90") .And(request => { Assert.Equal("MyHost:90", request.Headers.Host.ToString()); }); }
public void AddContentHeaders() { var builder = new WebApplicationBuilder().Configure(app => { }); var server = new TestServer(builder); server.CreateRequest("/") .AddHeader("Content-Type", "Test/Value") .And(request => { Assert.NotNull(request.Content); Assert.Equal("Test/Value", request.Content.Headers.ContentType.ToString()); }); }
public async Task PreFlight_MatchesPolicy_SetsResponseHeaders() { // Arrange var policy = new CorsPolicy(); policy.Origins.Add("http://localhost:5001"); policy.Methods.Add("PUT"); policy.Headers.Add("Header1"); policy.ExposedHeaders.Add("AllowedHeader"); var appBuilder = new WebApplicationBuilder() .Configure(app => { app.UseCors("customPolicy"); app.Run(async context => { await context.Response.WriteAsync("Cross origin response"); }); }) .ConfigureServices(services => { services.AddCors(options => { options.AddPolicy("customPolicy", policy); }); }); using (var server = new TestServer(appBuilder)) { // Act // Preflight request. var response = await server.CreateRequest("/") .AddHeader(CorsConstants.Origin, "http://localhost:5001") .AddHeader(CorsConstants.AccessControlRequestMethod, "PUT") .SendAsync(CorsConstants.PreflightHttpMethod); // Assert response.EnsureSuccessStatusCode(); Assert.Equal(2, response.Headers.Count()); Assert.Equal("http://localhost:5001", response.Headers.GetValues(CorsConstants.AccessControlAllowOrigin).FirstOrDefault()); Assert.Equal("PUT", response.Headers.GetValues(CorsConstants.AccessControlAllowMethods).FirstOrDefault()); } }
public async Task CorsRequest_DoesNotMatchPolicy_DoesNotSetHeaders() { // Arrange var appBuilder = new WebApplicationBuilder() .Configure(app => { app.UseCors(builder => builder.WithOrigins("http://localhost:5001") .WithMethods("PUT") .WithHeaders("Header1") .WithExposedHeaders("AllowedHeader")); app.Run(async context => { await context.Response.WriteAsync("Cross origin response"); }); }) .ConfigureServices(services => services.AddCors()); using (var server = new TestServer(appBuilder)) { // Act // Actual request. var response = await server.CreateRequest("/") .AddHeader(CorsConstants.Origin, "http://localhost:5002") .SendAsync("PUT"); // Assert Assert.Equal(HttpStatusCode.OK, response.StatusCode); Assert.Empty(response.Headers); } }