cargo fmt
This commit is contained in:
parent
0b73773692
commit
4dda14373a
|
@ -1,5 +1,6 @@
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use rocket::http::Method;
|
use rocket::http::Method;
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use std::io::Cursor;
|
use std::io::Cursor;
|
||||||
|
@ -48,10 +49,7 @@ fn main() {
|
||||||
};
|
};
|
||||||
|
|
||||||
rocket::ignite()
|
rocket::ignite()
|
||||||
.mount(
|
.mount("/", routes![responder, response])
|
||||||
"/",
|
|
||||||
routes![responder, response],
|
|
||||||
)
|
|
||||||
// Mount the routes to catch all the OPTIONS pre-flight requests
|
// Mount the routes to catch all the OPTIONS pre-flight requests
|
||||||
.mount("/", rocket_cors::catch_all_options_routes())
|
.mount("/", rocket_cors::catch_all_options_routes())
|
||||||
// You can also manually mount an OPTIONS route that will be used instead
|
// You can also manually mount an OPTIONS route that will be used instead
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use std::io::Cursor;
|
use std::io::Cursor;
|
||||||
|
@ -66,15 +67,7 @@ fn cors_options() -> Cors {
|
||||||
|
|
||||||
fn main() {
|
fn main() {
|
||||||
rocket::ignite()
|
rocket::ignite()
|
||||||
.mount(
|
.mount("/", routes![borrowed, response, owned, owned_options,])
|
||||||
"/",
|
|
||||||
routes![
|
|
||||||
borrowed,
|
|
||||||
response,
|
|
||||||
owned,
|
|
||||||
owned_options,
|
|
||||||
],
|
|
||||||
)
|
|
||||||
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
||||||
.manage(cors_options())
|
.manage(cors_options())
|
||||||
.launch();
|
.launch();
|
||||||
|
|
|
@ -4,7 +4,8 @@
|
||||||
//! `ping` route that you want to allow all Origins to access.
|
//! `ping` route that you want to allow all Origins to access.
|
||||||
|
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use rocket::http::Method;
|
use rocket::http::Method;
|
||||||
|
@ -59,14 +60,7 @@ fn cors_options_all() -> Cors {
|
||||||
|
|
||||||
fn main() {
|
fn main() {
|
||||||
rocket::ignite()
|
rocket::ignite()
|
||||||
.mount(
|
.mount("/", routes![app, ping, ping_options,])
|
||||||
"/",
|
|
||||||
routes![
|
|
||||||
app,
|
|
||||||
ping,
|
|
||||||
ping_options,
|
|
||||||
],
|
|
||||||
)
|
|
||||||
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
||||||
.manage(cors_options())
|
.manage(cors_options())
|
||||||
.launch();
|
.launch();
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
//! Fairing implementation
|
//! Fairing implementation
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
|
|
||||||
use rocket::http::{self, Header, Status, uri::Origin};
|
use rocket::http::{self, uri::Origin, Header, Status};
|
||||||
use rocket::{self, Outcome, Request};
|
use rocket::{self, Outcome, Request};
|
||||||
|
|
||||||
use {actual_request_response, origin, preflight_response, request_headers, validate, Cors, Error};
|
use {actual_request_response, origin, preflight_response, request_headers, validate, Cors, Error};
|
||||||
|
@ -44,10 +44,13 @@ pub(crate) fn fairing_error_route<'r>(
|
||||||
request: &'r Request,
|
request: &'r Request,
|
||||||
_: rocket::Data,
|
_: rocket::Data,
|
||||||
) -> rocket::handler::Outcome<'r> {
|
) -> rocket::handler::Outcome<'r> {
|
||||||
let status = request.get_param::<u16>(0).unwrap_or(Ok(0)).unwrap_or_else(|e| {
|
let status = request
|
||||||
error_!("Fairing Error Handling Route error: {:?}", e);
|
.get_param::<u16>(0)
|
||||||
500
|
.unwrap_or(Ok(0))
|
||||||
});
|
.unwrap_or_else(|e| {
|
||||||
|
error_!("Fairing Error Handling Route error: {:?}", e);
|
||||||
|
500
|
||||||
|
});
|
||||||
let status = Status::from_code(status).unwrap_or_else(|| Status::InternalServerError);
|
let status = Status::from_code(status).unwrap_or_else(|| Status::InternalServerError);
|
||||||
Outcome::Failure(status)
|
Outcome::Failure(status)
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,11 +20,7 @@ use url_serde;
|
||||||
#[derive(Eq, PartialEq, Clone, Debug, Hash)]
|
#[derive(Eq, PartialEq, Clone, Debug, Hash)]
|
||||||
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
|
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
|
||||||
pub struct HeaderFieldName(
|
pub struct HeaderFieldName(
|
||||||
#[cfg_attr(
|
#[cfg_attr(feature = "serialization", serde(with = "unicase_serde::unicase"))] UniCase<String>,
|
||||||
feature = "serialization",
|
|
||||||
serde(with = "unicase_serde::unicase")
|
|
||||||
)]
|
|
||||||
UniCase<String>,
|
|
||||||
);
|
);
|
||||||
|
|
||||||
impl Deref for HeaderFieldName {
|
impl Deref for HeaderFieldName {
|
||||||
|
|
105
src/lib.rs
105
src/lib.rs
|
@ -751,10 +751,7 @@ impl<T> AllOrSome<T> {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl AllOrSome<HashSet<Url>> {
|
impl AllOrSome<HashSet<Url>> {
|
||||||
#[deprecated(
|
#[deprecated(since = "0.1.3", note = "please use `AllowedOrigins::Some` instead")]
|
||||||
since = "0.1.3",
|
|
||||||
note = "please use `AllowedOrigins::Some` instead"
|
|
||||||
)]
|
|
||||||
/// New `AllOrSome` from a list of URL strings.
|
/// New `AllOrSome` from a list of URL strings.
|
||||||
/// Returns a tuple where the first element is the struct `AllOrSome`,
|
/// Returns a tuple where the first element is the struct `AllOrSome`,
|
||||||
/// and the second element
|
/// and the second element
|
||||||
|
@ -1136,9 +1133,10 @@ impl Cors {
|
||||||
Method::Put,
|
Method::Put,
|
||||||
Method::Patch,
|
Method::Patch,
|
||||||
Method::Delete,
|
Method::Delete,
|
||||||
].into_iter()
|
]
|
||||||
.map(From::from)
|
.into_iter()
|
||||||
.collect()
|
.map(From::from)
|
||||||
|
.collect()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn default_fairing_route_base() -> String {
|
fn default_fairing_route_base() -> String {
|
||||||
|
@ -2131,13 +2129,11 @@ mod tests {
|
||||||
|
|
||||||
// Build response and check built response header
|
// Build response and check built response header
|
||||||
let response = response.response(response::Response::new());
|
let response = response.response(response::Response::new());
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get("Access-Control-Max-Age")
|
||||||
.get("Access-Control-Max-Age")
|
.next()
|
||||||
.next()
|
.is_none())
|
||||||
.is_none()
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -2168,7 +2164,8 @@ mod tests {
|
||||||
validate_allowed_method(
|
validate_allowed_method(
|
||||||
&FromStr::from_str(method).expect("not to fail"),
|
&FromStr::from_str(method).expect("not to fail"),
|
||||||
&allowed_methods,
|
&allowed_methods,
|
||||||
).unwrap()
|
)
|
||||||
|
.unwrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -2214,7 +2211,8 @@ mod tests {
|
||||||
.map(|s| FromStr::from_str(*s).unwrap())
|
.map(|s| FromStr::from_str(*s).unwrap())
|
||||||
.collect(),
|
.collect(),
|
||||||
),
|
),
|
||||||
).unwrap();
|
)
|
||||||
|
.unwrap();
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -2257,13 +2255,11 @@ mod tests {
|
||||||
assert_eq!(expected_header, actual_header);
|
assert_eq!(expected_header, actual_header);
|
||||||
|
|
||||||
// Check that `Access-Control-Max-Age` is removed
|
// Check that `Access-Control-Max-Age` is removed
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get("Access-Control-Max-Age")
|
||||||
.get("Access-Control-Max-Age")
|
.next()
|
||||||
.next()
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, PartialEq)]
|
#[derive(Debug, PartialEq)]
|
||||||
|
@ -2305,9 +2301,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2338,9 +2335,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2363,9 +2361,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2394,9 +2393,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2416,9 +2416,10 @@ mod tests {
|
||||||
|
|
||||||
let origin_header =
|
let origin_header =
|
||||||
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
|
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2440,9 +2441,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Post,
|
hyper::method::Method::Post,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2562,9 +2564,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2600,9 +2603,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
@ -2638,9 +2642,10 @@ mod tests {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
|
|
||||||
let request = client
|
let request = client
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
//! This crate tests using `rocket_cors` using Fairings
|
//! This crate tests using `rocket_cors` using Fairings
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
extern crate hyper;
|
extern crate hyper;
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
|
@ -50,9 +51,10 @@ fn smoke_test() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -90,9 +92,10 @@ fn cors_options_check() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -154,9 +157,10 @@ fn cors_options_bad_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -176,9 +180,10 @@ fn cors_options_missing_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -188,12 +193,10 @@ fn cors_options_missing_origin() {
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::NotFound);
|
assert_eq!(response.status(), Status::NotFound);
|
||||||
|
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -205,9 +208,10 @@ fn cors_options_bad_request_method() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Post,
|
hyper::method::Method::Post,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -217,12 +221,10 @@ fn cors_options_bad_request_method() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -245,12 +247,10 @@ fn cors_options_bad_request_header() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -264,12 +264,10 @@ fn cors_get_bad_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
||||||
|
@ -284,9 +282,10 @@ fn routes_failing_checks_are_not_executed() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/panic")
|
.options("/panic")
|
||||||
|
@ -296,10 +295,8 @@ fn routes_failing_checks_are_not_executed() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
127
tests/guard.rs
127
tests/guard.rs
|
@ -1,7 +1,8 @@
|
||||||
//! This crate tests using `rocket_cors` using the per-route handling with request guard
|
//! This crate tests using `rocket_cors` using the per-route handling with request guard
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
extern crate hyper;
|
extern crate hyper;
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors as cors;
|
extern crate rocket_cors as cors;
|
||||||
|
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
|
@ -74,7 +75,10 @@ fn make_cors_options() -> cors::Cors {
|
||||||
fn make_rocket() -> rocket::Rocket {
|
fn make_rocket() -> rocket::Rocket {
|
||||||
rocket::ignite()
|
rocket::ignite()
|
||||||
.mount("/", routes![cors, panicking_route])
|
.mount("/", routes![cors, panicking_route])
|
||||||
.mount("/", routes![response, responder_string, responder_unit, state])
|
.mount(
|
||||||
|
"/",
|
||||||
|
routes![response, responder_string, responder_unit, state],
|
||||||
|
)
|
||||||
.mount("/", cors::catch_all_options_routes()) // mount the catch all routes
|
.mount("/", cors::catch_all_options_routes()) // mount the catch all routes
|
||||||
.mount("/", routes![cors_manual, cors_manual_options]) // manual OPTIOONS routes
|
.mount("/", routes![cors_manual, cors_manual_options]) // manual OPTIOONS routes
|
||||||
.manage(make_cors_options())
|
.manage(make_cors_options())
|
||||||
|
@ -92,9 +96,10 @@ fn smoke_test() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -134,9 +139,10 @@ fn cors_options_catch_all_check() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -165,9 +171,10 @@ fn cors_options_catch_all_check_other_routes() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/response/unit")
|
.options("/response/unit")
|
||||||
|
@ -220,12 +227,10 @@ fn cors_get_no_origin() {
|
||||||
assert!(response.status().class().is_success());
|
assert!(response.status().class().is_success());
|
||||||
let body_str = response.body().and_then(|body| body.into_string());
|
let body_str = response.body().and_then(|body| body.into_string());
|
||||||
assert_eq!(body_str, Some("Hello CORS".to_string()));
|
assert_eq!(body_str, Some("Hello CORS".to_string()));
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -238,9 +243,10 @@ fn cors_options_bad_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -250,12 +256,10 @@ fn cors_options_bad_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -266,9 +270,10 @@ fn cors_options_missing_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -277,12 +282,10 @@ fn cors_options_missing_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert!(response.status().class().is_success());
|
assert!(response.status().class().is_success());
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -295,9 +298,10 @@ fn cors_options_bad_request_method() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Post,
|
hyper::method::Method::Post,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -307,12 +311,10 @@ fn cors_options_bad_request_method() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -336,12 +338,10 @@ fn cors_options_bad_request_header() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -356,12 +356,10 @@ fn cors_get_bad_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
||||||
|
@ -379,12 +377,10 @@ fn routes_failing_checks_are_not_executed() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// This test ensures that manually mounted CORS OPTIONS routes are used even in the presence of
|
/// This test ensures that manually mounted CORS OPTIONS routes are used even in the presence of
|
||||||
|
@ -399,9 +395,10 @@ fn overridden_options_routes_are_used() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/manual")
|
.options("/manual")
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
//! This crate tests that all the request headers are parsed correctly in the round trip
|
//! This crate tests that all the request headers are parsed correctly in the round trip
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
extern crate hyper;
|
extern crate hyper;
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use std::ops::Deref;
|
use std::ops::Deref;
|
||||||
|
|
102
tests/manual.rs
102
tests/manual.rs
|
@ -1,7 +1,8 @@
|
||||||
//! This crate tests using `rocket_cors` using manual mode
|
//! This crate tests using `rocket_cors` using manual mode
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
extern crate hyper;
|
extern crate hyper;
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
|
@ -109,9 +110,10 @@ fn smoke_test() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -149,9 +151,10 @@ fn cors_options_borrowed_check() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -213,9 +216,10 @@ fn cors_options_bad_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -234,9 +238,10 @@ fn cors_options_missing_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -245,12 +250,10 @@ fn cors_options_missing_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert!(response.status().class().is_success());
|
assert!(response.status().class().is_success());
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -262,9 +265,10 @@ fn cors_options_bad_request_method() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Post,
|
hyper::method::Method::Post,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -274,12 +278,10 @@ fn cors_options_bad_request_method() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -302,12 +304,10 @@ fn cors_options_bad_request_header() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -321,12 +321,10 @@ fn cors_get_bad_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
/// This test ensures that on a failing CORS request, the route (along with its side effects)
|
||||||
|
@ -341,9 +339,10 @@ fn routes_failing_checks_are_not_executed() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/panic")
|
.options("/panic")
|
||||||
|
@ -353,12 +352,10 @@ fn routes_failing_checks_are_not_executed() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Manual OPTIONS routes are called
|
/// Manual OPTIONS routes are called
|
||||||
|
@ -372,9 +369,10 @@ fn cors_options_owned_check() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/owned")
|
.options("/owned")
|
||||||
|
|
87
tests/mix.rs
87
tests/mix.rs
|
@ -4,7 +4,8 @@
|
||||||
//! `ping` route that you want to allow all Origins to access.
|
//! `ping` route that you want to allow all Origins to access.
|
||||||
#![feature(proc_macro_hygiene, decl_macro)]
|
#![feature(proc_macro_hygiene, decl_macro)]
|
||||||
extern crate hyper;
|
extern crate hyper;
|
||||||
#[macro_use] extern crate rocket;
|
#[macro_use]
|
||||||
|
extern crate rocket;
|
||||||
extern crate rocket_cors;
|
extern crate rocket_cors;
|
||||||
|
|
||||||
use std::str::FromStr;
|
use std::str::FromStr;
|
||||||
|
@ -63,14 +64,7 @@ fn cors_options_all() -> Cors {
|
||||||
|
|
||||||
fn rocket() -> rocket::Rocket {
|
fn rocket() -> rocket::Rocket {
|
||||||
rocket::ignite()
|
rocket::ignite()
|
||||||
.mount(
|
.mount("/", routes![app, ping, ping_options,])
|
||||||
"/",
|
|
||||||
routes![
|
|
||||||
app,
|
|
||||||
ping,
|
|
||||||
ping_options,
|
|
||||||
],
|
|
||||||
)
|
|
||||||
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
.mount("/", rocket_cors::catch_all_options_routes()) // mount the catch all routes
|
||||||
.manage(cors_options())
|
.manage(cors_options())
|
||||||
}
|
}
|
||||||
|
@ -85,9 +79,10 @@ fn smoke_test() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -125,9 +120,10 @@ fn cors_options_check() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -189,9 +185,10 @@ fn cors_options_bad_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -210,9 +207,10 @@ fn cors_options_missing_origin() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Get,
|
hyper::method::Method::Get,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -221,12 +219,10 @@ fn cors_options_missing_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert!(response.status().class().is_success());
|
assert!(response.status().class().is_success());
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -238,9 +234,10 @@ fn cors_options_bad_request_method() {
|
||||||
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
|
||||||
hyper::method::Method::Post,
|
hyper::method::Method::Post,
|
||||||
));
|
));
|
||||||
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
|
let request_headers =
|
||||||
FromStr::from_str("Authorization").unwrap(),
|
hyper::header::AccessControlRequestHeaders(vec![
|
||||||
]);
|
FromStr::from_str("Authorization").unwrap()
|
||||||
|
]);
|
||||||
let request_headers = Header::from(request_headers);
|
let request_headers = Header::from(request_headers);
|
||||||
let req = client
|
let req = client
|
||||||
.options("/")
|
.options("/")
|
||||||
|
@ -250,12 +247,10 @@ fn cors_options_bad_request_method() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -278,12 +273,10 @@ fn cors_options_bad_request_header() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -297,12 +290,10 @@ fn cors_get_bad_origin() {
|
||||||
|
|
||||||
let response = req.dispatch();
|
let response = req.dispatch();
|
||||||
assert_eq!(response.status(), Status::Forbidden);
|
assert_eq!(response.status(), Status::Forbidden);
|
||||||
assert!(
|
assert!(response
|
||||||
response
|
.headers()
|
||||||
.headers()
|
.get_one("Access-Control-Allow-Origin")
|
||||||
.get_one("Access-Control-Allow-Origin")
|
.is_none());
|
||||||
.is_none()
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Tests that the `ping` route accepts other Origins
|
/// Tests that the `ping` route accepts other Origins
|
||||||
|
|
Loading…
Reference in New Issue