public void Constructor_WithPolicy_AddsTheGivenPolicy() { // Arrange var originalPolicy = new CorsPolicy(); originalPolicy.Origins.Add("http://existing.com"); originalPolicy.Headers.Add("Existing"); originalPolicy.Methods.Add("GET"); originalPolicy.ExposedHeaders.Add("ExistingExposed"); originalPolicy.SupportsCredentials = true; originalPolicy.PreflightMaxAge = TimeSpan.FromSeconds(12); // Act var builder = new CorsPolicyBuilder(originalPolicy); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.AllowAnyHeader); Assert.False(corsPolicy.AllowAnyMethod); Assert.False(corsPolicy.AllowAnyOrigin); Assert.True(corsPolicy.SupportsCredentials); Assert.NotSame(originalPolicy.Headers, corsPolicy.Headers); Assert.Equal(originalPolicy.Headers, corsPolicy.Headers); Assert.NotSame(originalPolicy.Methods, corsPolicy.Methods); Assert.Equal(originalPolicy.Methods, corsPolicy.Methods); Assert.NotSame(originalPolicy.Origins, corsPolicy.Origins); Assert.Equal(originalPolicy.Origins, corsPolicy.Origins); Assert.NotSame(originalPolicy.ExposedHeaders, corsPolicy.ExposedHeaders); Assert.Equal(originalPolicy.ExposedHeaders, corsPolicy.ExposedHeaders); Assert.Equal(TimeSpan.FromSeconds(12), corsPolicy.PreflightMaxAge); }
private CorsPolicy Allow(string origin) { var policyBuilder = new CorsPolicyBuilder(); var policy = policyBuilder .WithOrigins(origin) .AllowAnyHeader() .AllowAnyMethod() .Build(); return policy; }
/// <summary> /// Adds a new policy. /// </summary> /// <param name="name">The name of the policy.</param> /// <param name="configurePolicy">A delegate which can use a policy builder to build a policy.</param> public void AddPolicy(string name, Action<CorsPolicyBuilder> configurePolicy) { if (name == null) { throw new ArgumentNullException(nameof(name)); } if (configurePolicy == null) { throw new ArgumentNullException(nameof(configurePolicy)); } var policyBuilder = new CorsPolicyBuilder(); configurePolicy(policyBuilder); PolicyMap[name] = policyBuilder.Build(); }
public void Constructor_WithNoOrigin() { // Arrange & Act var builder = new CorsPolicyBuilder(); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.AllowAnyHeader); Assert.False(corsPolicy.AllowAnyMethod); Assert.False(corsPolicy.AllowAnyOrigin); Assert.False(corsPolicy.SupportsCredentials); Assert.Empty(corsPolicy.ExposedHeaders); Assert.Empty(corsPolicy.Headers); Assert.Empty(corsPolicy.Methods); Assert.Empty(corsPolicy.Origins); Assert.Null(corsPolicy.PreflightMaxAge); }
/// <summary> /// Adds a CORS middleware to your web application pipeline to allow cross domain requests. /// </summary> /// <param name="app">The IApplicationBuilder passed to your Configure method.</param> /// <param name="configurePolicy">A delegate which can use a policy builder to build a policy.</param> /// <returns>The original app parameter</returns> public static IApplicationBuilder UseCors( this IApplicationBuilder app, Action<CorsPolicyBuilder> configurePolicy) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (configurePolicy == null) { throw new ArgumentNullException(nameof(configurePolicy)); } var policyBuilder = new CorsPolicyBuilder(); configurePolicy(policyBuilder); return app.UseMiddleware<CorsMiddleware>(policyBuilder.Build()); }
public void Constructor_WithParamsOrigin_InitializesOrigin(string origin) { // Arrange var origins = origin.Split(','); // Act var builder = new CorsPolicyBuilder(origins); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.AllowAnyHeader); Assert.False(corsPolicy.AllowAnyMethod); Assert.False(corsPolicy.AllowAnyOrigin); Assert.False(corsPolicy.SupportsCredentials); Assert.Empty(corsPolicy.ExposedHeaders); Assert.Empty(corsPolicy.Headers); Assert.Empty(corsPolicy.Methods); Assert.Equal(origins.ToList(), corsPolicy.Origins); Assert.Null(corsPolicy.PreflightMaxAge); }
public void ConstructorWithPolicy_HavingNullPreflightMaxAge_AddsTheGivenPolicy() { // Arrange var originalPolicy = new CorsPolicy(); originalPolicy.Origins.Add("http://existing.com"); // Act var builder = new CorsPolicyBuilder(originalPolicy); // Assert var corsPolicy = builder.Build(); Assert.Null(corsPolicy.PreflightMaxAge); Assert.False(corsPolicy.AllowAnyHeader); Assert.False(corsPolicy.AllowAnyMethod); Assert.False(corsPolicy.AllowAnyOrigin); Assert.NotSame(originalPolicy.Origins, corsPolicy.Origins); Assert.Equal(originalPolicy.Origins, corsPolicy.Origins); Assert.Empty(corsPolicy.Headers); Assert.Empty(corsPolicy.Methods); Assert.Empty(corsPolicy.ExposedHeaders); }
public void DisallowCredential_SetsSupportsCredentials_ToFalse() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.DisallowCredentials(); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.SupportsCredentials); }
public void SetPreFlightMaxAge_SetsThePreFlightAge() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.SetPreflightMaxAge(TimeSpan.FromSeconds(12)); // Assert var corsPolicy = builder.Build(); Assert.Equal(TimeSpan.FromSeconds(12), corsPolicy.PreflightMaxAge); }
public void WithExposedHeaders_AddsExposedHeaders() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.WithExposedHeaders("exposed1", "exposed2"); // Assert var corsPolicy = builder.Build(); Assert.Equal(new List<string>() { "exposed1", "exposed2" }, corsPolicy.ExposedHeaders); }
public void AllowAnyHeaders_AllowsAny() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.AllowAnyHeader(); // Assert var corsPolicy = builder.Build(); Assert.True(corsPolicy.AllowAnyHeader); Assert.Equal(new List<string>() { "*" }, corsPolicy.Headers); }
public void WithHeaders_AddsHeaders() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.WithHeaders("example1", "example2"); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.AllowAnyHeader); Assert.Equal(new List<string>() { "example1", "example2" }, corsPolicy.Headers); }
public void WithMethods_AddsMethods() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.WithMethods("PUT", "GET"); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.AllowAnyOrigin); Assert.Equal(new List<string>() { "PUT", "GET" }, corsPolicy.Methods); }
public void WithOrigins_AddsOrigins() { // Arrange var builder = new CorsPolicyBuilder(); // Act builder.WithOrigins("http://example.com", "http://example2.com"); // Assert var corsPolicy = builder.Build(); Assert.False(corsPolicy.AllowAnyOrigin); Assert.Equal(new List<string>() { "http://example.com", "http://example2.com" }, corsPolicy.Origins); }
private void ConfigureCors(IServiceCollection services) { // For this demo allow everything so we don't have to hastle around var corsBuilder = new CorsPolicyBuilder(); corsBuilder.AllowAnyHeader(); corsBuilder.AllowAnyMethod(); corsBuilder.AllowAnyOrigin(); corsBuilder.AllowCredentials(); services.AddCors(options => { options.AddPolicy(CORS_POLICY_NAME, corsBuilder.Build()); }); }