public void GlobalCorsHasAccessControlHeaders(IRestClient client)
{
appHost.LoadPlugin(new CorsFeature());
var response = RequestContextTests.GetResponseHeaders(ListeningOn + "/globalcorsfeature");
Assert.That(response[HttpHeaders.AllowOrigin], Is.EqualTo("*"));
Assert.That(response[HttpHeaders.AllowMethods], Is.EqualTo("GET, POST, PUT, DELETE, OPTIONS"));
Assert.False(response.ContainsKey(HttpHeaders.AllowCredentials));
Assert.That(response[HttpHeaders.AllowHeaders], Is.EqualTo("Content-Type"));
}
public void CorsMethodHasAccessControlHeaders(IRestClient client)
{
appHost.Config.GlobalResponseHeaders.Clear();
var response = RequestContextTests.GetResponseHeaders(ListeningOn + "/corsmethod");
Assert.That(response[HttpHeaders.AllowOrigin], Is.EqualTo("http://localhost http://localhost2"));
Assert.That(response[HttpHeaders.AllowMethods], Is.EqualTo("POST, GET"));
Assert.That(response[HttpHeaders.AllowHeaders], Is.EqualTo("Type1, Type2"));
Assert.That(response[HttpHeaders.AllowCredentials], Is.EqualTo("true"));
}
