projectmoon
/
rocket_cors
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Make Clippy happy again

This commit is contained in:
Henning Holm 2020-08-14 09:59:03 +02:00
parent 2046f3c7c0
commit 92bc525016
12 changed files with 185 additions and 273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
examples/fairing.rs
View File

@ -1,7 +1,4 @@
#![feature(proc_macro_hygiene, decl_macro)]
use rocket;
use rocket_cors;
use std::error::Error;
use rocket::http::Method;

3
examples/guard.rs
View File

@ -1,7 +1,4 @@
#![feature(proc_macro_hygiene, decl_macro)]
use rocket;
use rocket_cors;
use std::error::Error;
use std::io::Cursor;

1
examples/json.rs
View File

@ -4,7 +4,6 @@
#![feature(proc_macro_hygiene, decl_macro)]
use rocket_cors as cors;
use serde_json;
use crate::cors::{AllowedHeaders, AllowedOrigins, CorsOptions};
use rocket::http::Method;

3
examples/manual.rs
View File

@ -1,7 +1,4 @@
#![feature(proc_macro_hygiene, decl_macro)]
use rocket;
use rocket_cors;
use std::io::Cursor;
use rocket::error::Error;

3
examples/mix.rs
View File

@ -4,9 +4,6 @@
//! `ping` route that you want to allow all Origins to access.
#![feature(proc_macro_hygiene, decl_macro)]
use rocket;
use rocket_cors;
use rocket::error::Error;
use rocket::http::Method;
use rocket::response::Responder;

16
src/headers.rs
View File

@ -12,9 +12,6 @@ use rocket::{self, outcome::Outcome};
use serde_derive::{Deserialize, Serialize};
use unicase::UniCase;
#[cfg(feature = "serialization")]
use unicase_serde;
/// A case insensitive header name
#[derive(Eq, PartialEq, Clone, Debug, Hash)]
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
@ -255,11 +252,16 @@ impl<'a, 'r> FromRequest<'a, 'r> for AccessControlRequestHeaders {
mod tests {
use std::str::FromStr;
use rocket;
use rocket::http::hyper;
use rocket::http::Header;
use rocket::local::blocking::Client;
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
use super::*;
/// Make a client with no routes for unit testing
@ -328,7 +330,7 @@ mod tests {
let client = make_client();
let mut request = client.get("/");
let origin = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin = Header::new(ORIGIN.as_str(), "https://www.example.com");
request.add_header(origin);
let outcome = Origin::from_request_sync(request.inner());
@ -364,7 +366,7 @@ mod tests {
let client = make_client();
let mut request = client.get("/");
let method = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
request.add_header(method);
@ -390,7 +392,7 @@ mod tests {
let client = make_client();
let mut request = client.get("/");
let headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"accept-language, date",
);
request.add_header(headers);

98
src/lib.rs
View File

@ -261,7 +261,7 @@ See the [example](https://github.com/lawliet89/rocket_cors/blob/master/examples/
missing_debug_implementations,
unknown_lints,
unsafe_code,
intra_doc_link_resolution_failure
broken_intra_doc_links
)]
#![doc(test(attr(allow(unused_variables), deny(warnings))))]
@ -2037,12 +2037,16 @@ mod tests {
use rocket::http::hyper;
use rocket::http::Header;
use rocket::local::blocking::Client;
#[cfg(feature = "serialization")]
use serde_json;
use super::*;
use crate::http::Method;
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
fn to_parsed_origin<S: AsRef<str>>(origin: S) -> Result<Origin, Error> {
Origin::from_str(origin.as_ref())
}
@ -2600,15 +2604,12 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2634,15 +2635,12 @@ mod tests {
let cors = options.to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2665,15 +2663,12 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2690,11 +2685,8 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2710,15 +2702,12 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::POST.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2735,13 +2724,13 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization, X-NOT-ALLOWED",
);
@ -2759,7 +2748,7 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let request = client.get("/").header(origin_header);
let result = validate(&cors, request.inner()).expect("to not fail");
@ -2777,7 +2766,7 @@ mod tests {
let cors = options.to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let request = client.get("/").header(origin_header);
let result = validate(&cors, request.inner()).expect("to not fail");
@ -2794,7 +2783,7 @@ mod tests {
let cors = make_cors_options().to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let request = client.get("/").header(origin_header);
let _ = validate(&cors, request.inner()).unwrap();
@ -2817,15 +2806,12 @@ mod tests {
let cors = options.to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2856,15 +2842,12 @@ mod tests {
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2895,15 +2878,12 @@ mod tests {
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let request = client
.options("/")
@ -2929,7 +2909,7 @@ mod tests {
let cors = options.to_cors().expect("To not fail");
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let request = client.get("/").header(origin_header);
let response = validate_and_build(&cors, request.inner()).expect("to not fail");
@ -2951,7 +2931,7 @@ mod tests {
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let request = client.get("/").header(origin_header);
let response = validate_and_build(&cors, request.inner()).expect("to not fail");
@ -2973,7 +2953,7 @@ mod tests {
let client = make_client();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let request = client.get("/").header(origin_header);
let response = validate_and_build(&cors, request.inner()).expect("to not fail");

75
tests/fairing.rs
View File

@ -7,13 +7,19 @@ use rocket::local::blocking::Client;
use rocket::{get, routes};
use rocket_cors::*;
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
#[get("/")]
fn cors<'a>() -> &'a str {
"Hello CORS"
}
#[get("/panic")]
fn panicking_route() {
fn panicking_route<'a>() -> &'a str {
panic!("This route will panic");
}
@ -42,15 +48,12 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -61,7 +64,7 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -80,15 +83,12 @@ fn smoke_test() {
fn cors_options_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -109,7 +109,7 @@ fn cors_options_check() {
fn cors_get_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -142,15 +142,12 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -167,13 +164,10 @@ fn cors_options_missing_origin() {
let client = Client::new(rocket()).unwrap();
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(method_header)
@ -192,15 +186,12 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::POST.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -219,15 +210,12 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Foobar",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Foobar");
let req = client
.options("/")
.header(origin_header)
@ -246,7 +234,7 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -265,15 +253,12 @@ fn cors_get_bad_origin() {
fn routes_failing_checks_are_not_executed() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/panic")
.header(origin_header)

86
tests/guard.rs
View File

@ -9,13 +9,19 @@ use rocket::local::blocking::Client;
use rocket::{get, options, routes};
use rocket::{Response, State};
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
#[get("/")]
fn cors(cors: cors::Guard<'_>) -> cors::Responder<'_, '_, &str> {
cors.responder("Hello CORS")
}
#[get("/panic")]
fn panicking_route(_cors: cors::Guard<'_>) {
fn panicking_route(_cors: cors::Guard<'_>) -> cors::Responder<'_, '_, &str> {
panic!("This route will panic");
}
@ -92,15 +98,12 @@ fn smoke_test() {
let client = Client::new(rocket).unwrap();
// `Options` pre-flight checks
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -111,7 +114,7 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -132,15 +135,12 @@ fn cors_options_catch_all_check() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -163,15 +163,12 @@ fn cors_options_catch_all_check_other_routes() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/response/unit")
.header(origin_header)
@ -193,7 +190,7 @@ fn cors_get_check() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -232,15 +229,12 @@ fn cors_options_bad_origin() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -261,13 +255,10 @@ fn cors_options_missing_origin() {
let client = Client::new(rocket).unwrap();
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(method_header)
@ -286,15 +277,12 @@ fn cors_options_bad_request_method() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::POST.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -314,15 +302,12 @@ fn cors_options_bad_request_header() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Foobar",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Foobar");
let req = client
.options("/")
.header(origin_header)
@ -342,7 +327,7 @@ fn cors_get_bad_origin() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -362,7 +347,7 @@ fn routes_failing_checks_are_not_executed() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -381,15 +366,12 @@ fn overridden_options_routes_are_used() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/manual")
.header(origin_header)

12
tests/headers.rs
View File

@ -8,6 +8,12 @@ use rocket::local::blocking::Client;
use rocket::{get, routes};
use rocket_cors::headers::*;
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
#[get("/request_headers")]
fn request_headers(
origin: Origin,
@ -30,13 +36,13 @@ fn request_headers_round_trip_smoke_test() {
let rocket = rocket::ignite().mount("/", routes![request_headers]);
let client = Client::new(rocket).expect("A valid Rocket client");
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://foo.bar.xyz");
let origin_header = Header::new(ORIGIN.as_str(), "https://foo.bar.xyz");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"accept-language, X-Ping",
);
let req = client

86
tests/manual.rs
View File

@ -9,6 +9,12 @@ use rocket::State;
use rocket::{get, options, routes};
use rocket_cors::*;
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
/// Using a borrowed `Cors`
#[get("/")]
fn cors(options: State<'_, Cors>) -> impl Responder<'_, '_> {
@ -44,6 +50,7 @@ fn owned<'r, 'o: 'r>() -> impl Responder<'r, 'o> {
/// `Responder` with String
#[get("/")]
#[allow(dead_code)]
fn responder_string(options: State<'_, Cors>) -> impl Responder<'_, '_> {
options
.inner()
@ -53,6 +60,7 @@ fn responder_string(options: State<'_, Cors>) -> impl Responder<'_, '_> {
struct TestState;
/// Borrow something else from Rocket with lifetime `'r`
#[get("/")]
#[allow(dead_code)]
fn borrow<'r, 'o: 'r>(
options: State<'r, Cors>,
test_state: State<'r, TestState>,
@ -101,15 +109,12 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -120,7 +125,7 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -139,15 +144,12 @@ fn smoke_test() {
fn cors_options_borrowed_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -168,7 +170,7 @@ fn cors_options_borrowed_check() {
fn cors_get_borrowed_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -201,15 +203,12 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -225,13 +224,10 @@ fn cors_options_missing_origin() {
let client = Client::new(rocket()).unwrap();
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(method_header)
@ -249,15 +245,12 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::POST.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -276,15 +269,12 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Foobar",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Foobar");
let req = client
.options("/")
.header(origin_header)
@ -303,7 +293,7 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -322,15 +312,12 @@ fn cors_get_bad_origin() {
fn routes_failing_checks_are_not_executed() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/panic")
.header(origin_header)
@ -351,15 +338,12 @@ fn cors_options_owned_check() {
let rocket = rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/owned")
.header(origin_header)
@ -383,7 +367,7 @@ fn cors_options_owned_check() {
fn cors_get_owned_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let authorization = Header::new("Authorization", "let me in");
let req = client
.get("/owned")

72
tests/mix.rs
View File

@ -3,8 +3,6 @@
//! In this example, you typically have an application wide `Cors` struct except for one specific
//! `ping` route that you want to allow all Origins to access.
#![feature(proc_macro_hygiene, decl_macro)]
use rocket_cors;
use rocket::http::hyper;
use rocket::http::{Header, Method, Status};
use rocket::local::blocking::Client;
@ -13,6 +11,12 @@ use rocket::{get, options, routes};
use rocket_cors::{AllowedHeaders, AllowedOrigins, CorsOptions, Guard};
static ORIGIN: hyper::HeaderName = hyper::header::ORIGIN;
static ACCESS_CONTROL_REQUEST_METHOD: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_METHOD;
static ACCESS_CONTROL_REQUEST_HEADERS: hyper::HeaderName =
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS;
/// The "usual" app route
#[get("/")]
fn app(cors: Guard<'_>) -> rocket_cors::Responder<'_, '_, &str> {
@ -70,15 +74,12 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -89,7 +90,7 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -108,15 +109,12 @@ fn smoke_test() {
fn cors_options_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -137,7 +135,7 @@ fn cors_options_check() {
fn cors_get_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -170,15 +168,12 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -194,13 +189,10 @@ fn cors_options_missing_origin() {
let client = Client::new(rocket()).unwrap();
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(method_header)
@ -218,15 +210,12 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::POST.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Authorization",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Authorization");
let req = client
.options("/")
.header(origin_header)
@ -245,15 +234,12 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.acme.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.acme.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
let request_headers = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_HEADERS.as_str(),
"Foobar",
);
let request_headers = Header::new(ACCESS_CONTROL_REQUEST_HEADERS.as_str(), "Foobar");
let req = client
.options("/")
.header(origin_header)
@ -272,7 +258,7 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.bad-origin.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.bad-origin.com");
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -289,9 +275,9 @@ fn cors_get_bad_origin() {
fn cors_options_ping_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let method_header = Header::new(
hyper::header::ACCESS_CONTROL_REQUEST_METHOD.as_str(),
ACCESS_CONTROL_REQUEST_METHOD.as_str(),
hyper::Method::GET.as_str(),
);
@ -315,7 +301,7 @@ fn cors_options_ping_check() {
fn cors_get_ping_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::new(hyper::header::ORIGIN.as_str(), "https://www.example.com");
let origin_header = Header::new(ORIGIN.as_str(), "https://www.example.com");
let req = client.get("/ping").header(origin_header);