public async void pipeline_cors___returns_endpoint_configured_orgin_when_all_orgins_default_configured() { var origin = "http://ron.vecchi.net"; var context = new ApiRequestContext { Request = new ApiRequestInfo { CrossOriginRequest = new CrossOriginRequestValues { Origin = origin } }, Configuration = new DeepSleepRequestConfiguration { CrossOriginConfig = new ApiCrossOriginConfiguration { AllowedOrigins = new string[] { origin } } } }; var processed = await context.ProcessHttpResponseCrossOriginResourceSharing().ConfigureAwait(false); processed.Should().BeTrue(); context.Response.Headers.Should().NotBeEmpty(); context.Response.Headers.Should().HaveCount(3); context.Response.Headers[0].Name.Should().Be("Access-Control-Allow-Origin"); context.Response.Headers[0].Value.Should().Be(origin); context.Response.Headers[1].Name.Should().Be("Access-Control-Allow-Credentials"); context.Response.Headers[1].Value.Should().Be("false"); context.Response.Headers[2].Name.Should().Be("Vary"); context.Response.Headers[2].Value.Should().Be("Origin"); }
public async void pipeline_cors___returns_true_allow_credentials_when_configured(bool?allowCredentials, bool expected) { var origin = "http://ron.vecchi.net"; var context = new ApiRequestContext { Request = new ApiRequestInfo { CrossOriginRequest = new CrossOriginRequestValues { Origin = origin, } }, Configuration = new DeepSleepRequestConfiguration { CrossOriginConfig = new ApiCrossOriginConfiguration { AllowedOrigins = new string[] { "*" }, AllowCredentials = allowCredentials } } }; var processed = await context.ProcessHttpResponseCrossOriginResourceSharing().ConfigureAwait(false); processed.Should().BeTrue(); context.Response.Headers.Should().NotBeEmpty(); context.Response.Headers.Should().HaveCount(3); context.Response.Headers[0].Name.Should().Be("Access-Control-Allow-Origin"); context.Response.Headers[0].Value.Should().Be(origin); context.Response.Headers[1].Name.Should().Be("Access-Control-Allow-Credentials"); context.Response.Headers[1].Value.Should().Be(expected.ToString().ToLowerInvariant()); context.Response.Headers[2].Name.Should().Be("Vary"); context.Response.Headers[2].Value.Should().Be("Origin"); }
public async void pipeline_cors___returns_true_and_skips_processing_when_no_orgin_present(string origin) { var context = new ApiRequestContext { Request = new ApiRequestInfo { CrossOriginRequest = new CrossOriginRequestValues { Origin = origin } } }; var processed = await context.ProcessHttpResponseCrossOriginResourceSharing().ConfigureAwait(false); processed.Should().BeTrue(); context.Response.Should().NotBeNull(); context.Response.ResponseObject.Should().BeNull(); }
public async void pipeline_cors___returns_false_for_cancelled_request() { var context = new ApiRequestContext { RequestAborted = new System.Threading.CancellationToken(true), Request = new ApiRequestInfo { CrossOriginRequest = new CrossOriginRequestValues { Origin = "https://test.org" } } }; var processed = await context.ProcessHttpResponseCrossOriginResourceSharing().ConfigureAwait(false); processed.Should().BeFalse(); context.Response.Should().NotBeNull(); context.Response.ResponseObject.Should().BeNull(); }
public async void pipeline_cors___returns_configured_access_expose_headers() { var origin = "http://ron.vecchi.net"; var context = new ApiRequestContext { Request = new ApiRequestInfo { CrossOriginRequest = new CrossOriginRequestValues { Origin = origin } }, Configuration = new DeepSleepRequestConfiguration { CrossOriginConfig = new ApiCrossOriginConfiguration { AllowedOrigins = new string[] { "*" }, ExposeHeaders = new string[] { "X-API1", "X-API2", "Content-Type" } } } }; var processed = await context.ProcessHttpResponseCrossOriginResourceSharing().ConfigureAwait(false); processed.Should().BeTrue(); context.Response.Headers.Should().NotBeEmpty(); context.Response.Headers.Should().HaveCount(4); context.Response.Headers[0].Name.Should().Be("Access-Control-Allow-Origin"); context.Response.Headers[0].Value.Should().Be(origin); context.Response.Headers[1].Name.Should().Be("Access-Control-Allow-Credentials"); context.Response.Headers[1].Value.Should().Be("false"); context.Response.Headers[2].Name.Should().Be("Access-Control-Expose-Headers"); context.Response.Headers[2].Value.Should().Be("X-API1, X-API2, Content-Type"); context.Response.Headers[3].Name.Should().Be("Vary"); context.Response.Headers[3].Value.Should().Be("Origin"); }