コード例 #1
0
        public async Task DefaultAccessControlAllowOriginHeaderToAsterisk()
        {
            var middleware = new HttpCorsMiddleware();

            var previousResponse = new APIGatewayProxyResponse();

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "*");
        }
コード例 #2
0
        public async Task UseOriginSpecifiedInOptions()
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions {
                Origin = "http://example.com"
            });

            var previousResponse = new APIGatewayProxyResponse();

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "http://example.com");
        }
コード例 #3
0
        public async Task NotChangeAnythingIfHttpMethodIsNotPresentInTheRequest()
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions());

            var previousResponse = new APIGatewayProxyResponse();

            request.HttpMethod = string.Empty;

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Should().Be(previousResponse);
        }
コード例 #4
0
        public async Task SetAccessControlMaxAgeHeaderIfPresentInConfig()
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions
            {
                MaxAge = "3600"
            });

            var previousResponse = new APIGatewayProxyResponse();

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Max-Age", "3600");
        }
コード例 #5
0
        public async Task ReturnFirstOriginAsDefaultIfNoMatch(string headerName)
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions {
                Origins = new[] { "http://example.com", "http://another-example.com" }
            });

            var previousResponse = new APIGatewayProxyResponse();

            request.Headers.Add(headerName, "http://yet-another-example.com");

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "http://example.com");
        }
コード例 #6
0
        public async Task UseChangeCredentialsAsSpecifiedInOptions(bool configValue, string expectedHeader)
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions
            {
                Credentials = configValue
            });

            var previousResponse = new APIGatewayProxyResponse();

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "*");
            response.Headers.Should().Contain("Access-Control-Allow-Credentials", expectedHeader);
        }
コード例 #7
0
        public async Task NotOverrideAlreadyDeclaredAccessControlAllowOriginHeader()
        {
            var middleware = new HttpCorsMiddleware();

            var previousResponse = new APIGatewayProxyResponse
            {
                Headers = new Dictionary <string, string>
                {
                    { "Access-Control-Allow-Origin", "http://example.com" }
                }
            };

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "http://example.com");
        }
コード例 #8
0
        public async Task NotOverwriteAccessControlMaxAgeHeaderIfAlreadySet()
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions
            {
                MaxAge = "3600"
            });

            var previousResponse = new APIGatewayProxyResponse
            {
                Headers = new Dictionary <string, string>
                {
                    { "Access-Control-Max-Age", "-1" }
                }
            };

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Max-Age", "-1");
        }
コード例 #9
0
        public async Task SetCacheControlHeaderIfPresentInConfigAndHttpMethodIsOptions(string configValue, string httpMethod, string expectedHeader)
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions
            {
                CacheControl = configValue
            });

            var previousResponse = new APIGatewayProxyResponse();

            request.HttpMethod = httpMethod;

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "*");
            if (!string.IsNullOrWhiteSpace(expectedHeader))
            {
                response.Headers.Should().Contain("Cache-Control", expectedHeader);
            }
        }
コード例 #10
0
        public async Task NotOverrideAlreadyDeclaredAccessControlAllowCredentialsHeader(string incomingHeader,
                                                                                        bool configValue)
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions
            {
                Credentials = configValue
            });

            var previousResponse = new APIGatewayProxyResponse
            {
                Headers = new Dictionary <string, string>
                {
                    { "Access-Control-Allow-Credentials", incomingHeader }
                }
            };

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "*");
            response.Headers.Should().Contain("Access-Control-Allow-Credentials", incomingHeader);
        }
コード例 #11
0
        public async Task NotOverwriteCacheControlHeaderIfAlreadySet()
        {
            var middleware = new HttpCorsMiddleware(new CorsOptions
            {
                CacheControl = "max-age=3600, s-maxage=3600, proxy-revalidate"
            });

            var previousResponse = new APIGatewayProxyResponse
            {
                Headers = new Dictionary <string, string>
                {
                    { "Cache-Control", "max-age=1200" }
                }
            };

            request.HttpMethod = "OPTIONS";

            await middleware.Before(request, context);

            var response = await middleware.After(previousResponse, context);

            response.Headers.Should().Contain("Access-Control-Allow-Origin", "*");
            response.Headers.Should().Contain("Cache-Control", "max-age=1200");
        }