cargo fmt
This commit is contained in:
Yong Wen Chua
parent
0b73773692
commit
4dda14373a
|
|
@ -1,5 +1,6 @@
|
|||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use rocket::http::Method;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use std::io::Cursor;
|
||||
|
|
@ -48,10 +49,7 @@ fn main() {
|
|||
};
|
||||
|
||||
rocket::ignite()
|
||||
.mount(
|
||||
"/",
|
||||
routes![responder, response],
|
||||
)
|
||||
.mount("/", routes![responder, response])
|
||||
// Mount the routes to catch all the OPTIONS pre-flight requests
|
||||
.mount("/", rocket_cors::catch_all_options_routes())
|
||||
// You can also manually mount an OPTIONS route that will be used instead
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use std::io::Cursor;
|
||||
|
|
@ -66,15 +67,7 @@ fn cors_options() -> Cors {
|
|||
|
||||
fn main() {
|
||||
rocket::ignite()
|
||||
.mount(
|
||||
"/",
|
||||
routes![
|
||||
borrowed,
|
||||
response,
|
||||
owned,
|
||||
owned_options,
|
||||
],
|
||||
)
|
||||
.mount("/", routes![borrowed, response, owned, owned_options,])
|
||||
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
||||
.manage(cors_options())
|
||||
.launch();
|
||||
|
|
|
|||
|
|
@ -4,7 +4,8 @@
|
|||
//! `ping` route that you want to allow all Origins to access.
|
||||
|
||||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use rocket::http::Method;
|
||||
|
|
@ -59,14 +60,7 @@ fn cors_options_all() -> Cors {
|
|||
|
||||
fn main() {
|
||||
rocket::ignite()
|
||||
.mount(
|
||||
"/",
|
||||
routes![
|
||||
app,
|
||||
ping,
|
||||
ping_options,
|
||||
],
|
||||
)
|
||||
.mount("/", routes![app, ping, ping_options,])
|
||||
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
||||
.manage(cors_options())
|
||||
.launch();
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
//! Fairing implementation
|
||||
use std::str::FromStr;
|
||||
|
||||
use rocket::http::{self, Header, Status, uri::Origin};
|
||||
use rocket::http::{self, uri::Origin, Header, Status};
|
||||
use rocket::{self, Outcome, Request};
|
||||
|
||||
use {actual_request_response, origin, preflight_response, request_headers, validate, Cors, Error};
|
||||
|
|
@ -44,10 +44,13 @@ pub(crate) fn fairing_error_route<'r>(
|
|||
request: &'r Request,
|
||||
_: rocket::Data,
|
||||
) -> rocket::handler::Outcome<'r> {
|
||||
let status = request.get_param::<u16>(0).unwrap_or(Ok(0)).unwrap_or_else(|e| {
|
||||
error_!("Fairing Error Handling Route error: {:?}", e);
|
||||
500
|
||||
});
|
||||
let status = request
|
||||
.get_param::<u16>(0)
|
||||
.unwrap_or(Ok(0))
|
||||
.unwrap_or_else(|e| {
|
||||
error_!("Fairing Error Handling Route error: {:?}", e);
|
||||
500
|
||||
});
|
||||
let status = Status::from_code(status).unwrap_or_else(|| Status::InternalServerError);
|
||||
Outcome::Failure(status)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,11 +20,7 @@ use url_serde;
|
|||
#[derive(Eq, PartialEq, Clone, Debug, Hash)]
|
||||
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
|
||||
pub struct HeaderFieldName(
|
||||
#[cfg_attr(
|
||||
feature = "serialization",
|
||||
serde(with = "unicase_serde::unicase")
|
||||
)]
|
||||
UniCase<String>,
|
||||
#[cfg_attr(feature = "serialization", serde(with = "unicase_serde::unicase"))] UniCase<String>,
|
||||
);
|
||||
|
||||
impl Deref for HeaderFieldName {
|
||||
|
|
|
|||
105
src/lib.rs
105
src/lib.rs
|
|
@ -751,10 +751,7 @@ impl<T> AllOrSome<T> {
|
|||
}
|
||||
|
||||
impl AllOrSome<HashSet<Url>> {
|
||||
#[deprecated(
|
||||
since = "0.1.3",
|
||||
note = "please use `AllowedOrigins::Some` instead"
|
||||
)]
|
||||
#[deprecated(since = "0.1.3", note = "please use `AllowedOrigins::Some` instead")]
|
||||
/// New `AllOrSome` from a list of URL strings.
|
||||
/// Returns a tuple where the first element is the struct `AllOrSome`,
|
||||
/// and the second element
|
||||
|
|
@ -1136,9 +1133,10 @@ impl Cors {
|
|||
Method::Put,
|
||||
Method::Patch,
|
||||
Method::Delete,
|
||||
].into_iter()
|
||||
.map(From::from)
|
||||
.collect()
|
||||
]
|
||||
.into_iter()
|
||||
.map(From::from)
|
||||
.collect()
|
||||
}
|
||||
|
||||
fn default_fairing_route_base() -> String {
|
||||
|
|
@ -2131,13 +2129,11 @@ mod tests {
|
|||
|
||||
// Build response and check built response header
|
||||
let response = response.response(response::Response::new());
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get("Access-Control-Max-Age")
|
||||
.next()
|
||||
.is_none()
|
||||
)
|
||||
assert!(response
|
||||
.headers()
|
||||
.get("Access-Control-Max-Age")
|
||||
.next()
|
||||
.is_none())
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -2168,7 +2164,8 @@ mod tests {
|
|||
validate_allowed_method(
|
||||
&FromStr::from_str(method).expect("not to fail"),
|
||||
&allowed_methods,
|
||||
).unwrap()
|
||||
)
|
||||
.unwrap()
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -2214,7 +2211,8 @@ mod tests {
|
|||
.map(|s| FromStr::from_str(*s).unwrap())
|
||||
.collect(),
|
||||
),
|
||||
).unwrap();
|
||||
)
|
||||
.unwrap();
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -2257,13 +2255,11 @@ mod tests {
|
|||
assert_eq!(expected_header, actual_header);
|
||||
|
||||
// Check that `Access-Control-Max-Age` is removed
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get("Access-Control-Max-Age")
|
||||
.next()
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get("Access-Control-Max-Age")
|
||||
.next()
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[derive(Debug, PartialEq)]
|
||||
|
|
@ -2305,9 +2301,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2338,9 +2335,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2363,9 +2361,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2394,9 +2393,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2416,9 +2416,10 @@ mod tests {
|
|||
|
||||
let origin_header =
|
||||
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2440,9 +2441,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Post,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2562,9 +2564,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2600,9 +2603,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
@ -2638,9 +2642,10 @@ mod tests {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
|
||||
let request = client
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
//! This crate tests using `rocket_cors` using Fairings
|
||||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
extern crate hyper;
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use std::str::FromStr;
|
||||
|
|
@ -50,9 +51,10 @@ fn smoke_test() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -90,9 +92,10 @@ fn cors_options_check() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -154,9 +157,10 @@ fn cors_options_bad_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -176,9 +180,10 @@ fn cors_options_missing_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -188,12 +193,10 @@ fn cors_options_missing_origin() {
|
|||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::NotFound);
|
||||
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -205,9 +208,10 @@ fn cors_options_bad_request_method() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Post,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -217,12 +221,10 @@ fn cors_options_bad_request_method() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -245,12 +247,10 @@ fn cors_options_bad_request_header() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -264,12 +264,10 @@ fn cors_get_bad_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
||||
|
|
@ -284,9 +282,10 @@ fn routes_failing_checks_are_not_executed() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/panic")
|
||||
|
|
@ -296,10 +295,8 @@ fn routes_failing_checks_are_not_executed() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
|
|
|||
127
tests/guard.rs
127
tests/guard.rs
|
|
@ -1,7 +1,8 @@
|
|||
//! This crate tests using `rocket_cors` using the per-route handling with request guard
|
||||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
extern crate hyper;
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors as cors;
|
||||
|
||||
use std::str::FromStr;
|
||||
|
|
@ -74,7 +75,10 @@ fn make_cors_options() -> cors::Cors {
|
|||
fn make_rocket() -> rocket::Rocket {
|
||||
rocket::ignite()
|
||||
.mount("/", routes![cors, panicking_route])
|
||||
.mount("/", routes![response, responder_string, responder_unit, state])
|
||||
.mount(
|
||||
"/",
|
||||
routes![response, responder_string, responder_unit, state],
|
||||
)
|
||||
.mount("/", cors::catch_all_options_routes()) // mount the catch all routes
|
||||
.mount("/", routes![cors_manual, cors_manual_options]) // manual OPTIOONS routes
|
||||
.manage(make_cors_options())
|
||||
|
|
@ -92,9 +96,10 @@ fn smoke_test() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -134,9 +139,10 @@ fn cors_options_catch_all_check() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -165,9 +171,10 @@ fn cors_options_catch_all_check_other_routes() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/response/unit")
|
||||
|
|
@ -220,12 +227,10 @@ fn cors_get_no_origin() {
|
|||
assert!(response.status().class().is_success());
|
||||
let body_str = response.body().and_then(|body| body.into_string());
|
||||
assert_eq!(body_str, Some("Hello CORS".to_string()));
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -238,9 +243,10 @@ fn cors_options_bad_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -250,12 +256,10 @@ fn cors_options_bad_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -266,9 +270,10 @@ fn cors_options_missing_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -277,12 +282,10 @@ fn cors_options_missing_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert!(response.status().class().is_success());
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -295,9 +298,10 @@ fn cors_options_bad_request_method() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Post,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -307,12 +311,10 @@ fn cors_options_bad_request_method() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -336,12 +338,10 @@ fn cors_options_bad_request_header() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -356,12 +356,10 @@ fn cors_get_bad_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
||||
|
|
@ -379,12 +377,10 @@ fn routes_failing_checks_are_not_executed() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
/// This test ensures that manually mounted CORS OPTIONS routes are used even in the presence of
|
||||
|
|
@ -399,9 +395,10 @@ fn overridden_options_routes_are_used() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/manual")
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
//! This crate tests that all the request headers are parsed correctly in the round trip
|
||||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
extern crate hyper;
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use std::ops::Deref;
|
||||
|
|
|
|||
102
tests/manual.rs
102
tests/manual.rs
|
|
@ -1,7 +1,8 @@
|
|||
//! This crate tests using `rocket_cors` using manual mode
|
||||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
extern crate hyper;
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use std::str::FromStr;
|
||||
|
|
@ -109,9 +110,10 @@ fn smoke_test() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -149,9 +151,10 @@ fn cors_options_borrowed_check() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -213,9 +216,10 @@ fn cors_options_bad_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -234,9 +238,10 @@ fn cors_options_missing_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -245,12 +250,10 @@ fn cors_options_missing_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert!(response.status().class().is_success());
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -262,9 +265,10 @@ fn cors_options_bad_request_method() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Post,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -274,12 +278,10 @@ fn cors_options_bad_request_method() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -302,12 +304,10 @@ fn cors_options_bad_request_header() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -321,12 +321,10 @@ fn cors_get_bad_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
||||
|
|
@ -341,9 +339,10 @@ fn routes_failing_checks_are_not_executed() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/panic")
|
||||
|
|
@ -353,12 +352,10 @@ fn routes_failing_checks_are_not_executed() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
/// Manual OPTIONS routes are called
|
||||
|
|
@ -372,9 +369,10 @@ fn cors_options_owned_check() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/owned")
|
||||
|
|
|
|||
87
tests/mix.rs
87
tests/mix.rs
|
|
@ -4,7 +4,8 @@
|
|||
//! `ping` route that you want to allow all Origins to access.
|
||||
#![feature(proc_macro_hygiene, decl_macro)]
|
||||
extern crate hyper;
|
||||
#[macro_use] extern crate rocket;
|
||||
#[macro_use]
|
||||
extern crate rocket;
|
||||
extern crate rocket_cors;
|
||||
|
||||
use std::str::FromStr;
|
||||
|
|
@ -63,14 +64,7 @@ fn cors_options_all() -> Cors {
|
|||
|
||||
fn rocket() -> rocket::Rocket {
|
||||
rocket::ignite()
|
||||
.mount(
|
||||
"/",
|
||||
routes![
|
||||
app,
|
||||
ping,
|
||||
ping_options,
|
||||
],
|
||||
)
|
||||
.mount("/", routes![app, ping, ping_options,])
|
||||
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
||||
.manage(cors_options())
|
||||
}
|
||||
|
|
@ -85,9 +79,10 @@ fn smoke_test() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -125,9 +120,10 @@ fn cors_options_check() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -189,9 +185,10 @@ fn cors_options_bad_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -210,9 +207,10 @@ fn cors_options_missing_origin() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Get,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -221,12 +219,10 @@ fn cors_options_missing_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert!(response.status().class().is_success());
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -238,9 +234,10 @@ fn cors_options_bad_request_method() {
|
|||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||
hyper::method::Method::Post,
|
||||
));
|
||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap(),
|
||||
]);
|
||||
let request_headers =
|
||||
hyper::header::AccessControlRequestHeaders(vec![
|
||||
FromStr::from_str("Authorization").unwrap()
|
||||
]);
|
||||
let request_headers = Header::from(request_headers);
|
||||
let req = client
|
||||
.options("/")
|
||||
|
|
@ -250,12 +247,10 @@ fn cors_options_bad_request_method() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -278,12 +273,10 @@ fn cors_options_bad_request_header() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
@ -297,12 +290,10 @@ fn cors_get_bad_origin() {
|
|||
|
||||
let response = req.dispatch();
|
||||
assert_eq!(response.status(), Status::Forbidden);
|
||||
assert!(
|
||||
response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none()
|
||||
);
|
||||
assert!(response
|
||||
.headers()
|
||||
.get_one("Access-Control-Allow-Origin")
|
||||
.is_none());
|
||||
}
|
||||
|
||||
/// Tests that the `ping` route accepts other Origins
|
||||
|
|
|
|||
Loading…
Reference in New Issue