public void HttpMethodActionConstraint_Accept_CaseInsensitive(IEnumerable <string> httpMethods, string expectedMethod)
{
// Arrange
var constraint = new CorsHttpMethodActionConstraint(new HttpMethodActionConstraint(httpMethods)) as IActionConstraint;
var context = CreateActionConstraintContext(constraint);
context.RouteContext = CreateRouteContext(expectedMethod);
// Act
var result = constraint.Accept(context);
// Assert
Assert.True(result, "Request should have been accepted.");
}
public void HttpMethodActionConstraint_RejectsOptionsRequest_WithoutAccessControlMethod()
{
// Arrange
var constraint = new CorsHttpMethodActionConstraint(new HttpMethodActionConstraint(new[] { "GET", "Post" })) as IActionConstraint;
var context = CreateActionConstraintContext(constraint);
context.RouteContext = CreateRouteContext("oPtIoNs", accessControlMethod: "");
// Act
var result = constraint.Accept(context);
// Assert
Assert.False(result, "Request should have been rejected.");
}