projectmoon
/
rocket_cors
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Rustfmt fix 

- Bump to 0.2.2
 - Add Travis cargo cache
This commit is contained in:
Yong Wen Chua 2018-02-14 13:22:43 +08:00
parent 456248eabf
commit ff1deabf55
16 changed files with 345 additions and 452 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.travis.yml
View File

@ -4,6 +4,7 @@ rust:
- nightly
# Minimum Rust set by Rocket
- nightly-2018-01-13
cache: cargo
env:
global:
- TRAVIS_CARGO_NIGHTLY_FEATURE=""

2
Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "rocket_cors"
version = "0.2.1"
version = "0.2.2"
license = "Apache-2.0"
authors = ["Yong Wen Chua <me@yongwen.xyz>"]
description = "Cross-origin resource sharing (CORS) for Rocket.rs applications"

2
README.md
View File

@ -29,7 +29,7 @@ work, but they are subject to the minimum that Rocket sets.
Add the following to Cargo.toml:
```toml
rocket_cors = "0.2.1"
rocket_cors = "0.2.2"
```
To use the latest `master` branch, for example:

2
examples/fairing.rs
View File

@ -4,7 +4,7 @@ extern crate rocket;
extern crate rocket_cors;
use rocket::http::Method;
use rocket_cors::{AllowedOrigins, AllowedHeaders};
use rocket_cors::{AllowedHeaders, AllowedOrigins};
#[get("/")]
fn cors<'a>() -> &'a str {

2
examples/guard.rs
View File

@ -7,7 +7,7 @@ use std::io::Cursor;
use rocket::Response;
use rocket::http::Method;
use rocket_cors::{Guard, AllowedOrigins, AllowedHeaders, Responder};
use rocket_cors::{AllowedHeaders, AllowedOrigins, Guard, Responder};
/// Using a `Responder` -- the usual way you would use this
#[get("/")]

2
examples/json.rs
View File

@ -6,7 +6,7 @@ extern crate rocket_cors as cors;
extern crate serde_json;
use rocket::http::Method;
use cors::{Cors, AllowedOrigins, AllowedHeaders};
use cors::{AllowedHeaders, AllowedOrigins, Cors};
fn main() {
// The default demonstrates the "All" serialization of several of the settings

16
examples/manual.rs
View File

@ -5,17 +5,17 @@ extern crate rocket_cors;
use std::io::Cursor;
use rocket::{State, Response};
use rocket::{Response, State};
use rocket::http::Method;
use rocket::response::Responder;
use rocket_cors::{Cors, AllowedOrigins, AllowedHeaders};
use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors};
/// Using a borrowed Cors
#[get("/")]
fn borrowed<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
options.inner().respond_borrowed(
|guard| guard.responder("Hello CORS"),
)
options
.inner()
.respond_borrowed(|guard| guard.responder("Hello CORS"))
}
/// Using a `Response` instead of a `Responder`. You generally won't have to do this.
@ -24,9 +24,9 @@ fn response<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
let mut response = Response::new();
response.set_sized_body(Cursor::new("Hello CORS!"));
options.inner().respond_borrowed(
move |guard| guard.response(response),
)
options
.inner()
.respond_borrowed(move |guard| guard.response(response))
}
/// Create and use an ad-hoc Cors

2
examples/mix.rs
View File

@ -10,7 +10,7 @@ extern crate rocket_cors;
use rocket::http::Method;
use rocket::response::Responder;
use rocket_cors::{Cors, Guard, AllowedOrigins, AllowedHeaders};
use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors, Guard};
/// The "usual" app route
#[get("/")]

33
src/fairing.rs
View File

@ -1,10 +1,10 @@
//! Fairing implementation
use std::str::FromStr;
use rocket::{self, Request, Outcome};
use rocket::http::{self, Status, Header};
use rocket::{self, Outcome, Request};
use rocket::http::{self, Header, Status};
use {Cors, Error, validate, preflight_response, actual_request_response, origin, request_headers};
use {actual_request_response, origin, preflight_response, request_headers, validate, Cors, Error};
/// An injected header to quickly give the result of CORS
static CORS_HEADER: &str = "ROCKET-CORS";
@ -82,9 +82,10 @@ fn on_response_wrapper(
};
// Get validation result from injected header
let injected_header = request.headers().get_one(CORS_HEADER).ok_or_else(|| {
Error::MissingInjectedHeader
})?;
let injected_header = request
.headers()
.get_one(CORS_HEADER)
.ok_or_else(|| Error::MissingInjectedHeader)?;
let result = InjectedHeader::from_str(injected_header)?;
if let InjectedHeader::Failure = result {
@ -107,9 +108,7 @@ fn on_response_wrapper(
//
// TODO: Is there anyway we can make this smarter? Only modify status codes for
// requests where an actual route exist?
if request.method() == http::Method::Options &&
request.route().is_none()
{
if request.method() == http::Method::Options && request.route().is_none() {
info_!(
"CORS Fairing: Turned missing route {} into an OPTIONS pre-flight request",
request
@ -124,16 +123,14 @@ impl rocket::fairing::Fairing for Cors {
fn info(&self) -> rocket::fairing::Info {
rocket::fairing::Info {
name: "CORS",
kind: rocket::fairing::Kind::Attach | rocket::fairing::Kind::Request |
rocket::fairing::Kind::Response,
kind: rocket::fairing::Kind::Attach | rocket::fairing::Kind::Request
| rocket::fairing::Kind::Response,
}
}
fn on_attach(&self, rocket: rocket::Rocket) -> Result<rocket::Rocket, rocket::Rocket> {
match self.validate() {
Ok(()) => {
Ok(rocket.mount(&self.fairing_route_base, vec![fairing_route()]))
}
Ok(()) => Ok(rocket.mount(&self.fairing_route_base, vec![fairing_route()])),
Err(e) => {
error_!("Error attaching CORS fairing: {}", e);
Err(rocket)
@ -170,7 +167,7 @@ mod tests {
use rocket::http::{Method, Status};
use rocket::local::Client;
use {Cors, AllOrSome, AllowedOrigins, AllowedHeaders};
use {AllOrSome, AllowedHeaders, AllowedOrigins, Cors};
const CORS_ROOT: &'static str = "/my_cors";
@ -214,9 +211,9 @@ mod tests {
let rocket = rocket(make_cors_options());
let expected_uri = format!("{}/<status>", CORS_ROOT);
let error_route = rocket.routes().find(|r| {
r.method == Method::Get && r.uri.as_str() == expected_uri
});
let error_route = rocket
.routes()
.find(|r| r.method == Method::Get && r.uri.as_str() == expected_uri);
assert!(error_route.is_some());
}

40
src/headers.rs
View File

@ -20,8 +20,7 @@ use url_serde;
#[derive(Eq, PartialEq, Clone, Debug, Hash)]
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
pub struct HeaderFieldName(
#[cfg_attr(feature = "serialization", serde(with = "unicase_serde::unicase"))]
UniCase<String>
#[cfg_attr(feature = "serialization", serde(with = "unicase_serde::unicase"))] UniCase<String>,
);
impl Deref for HeaderFieldName {
@ -64,10 +63,7 @@ pub type HeaderFieldNamesSet = HashSet<HeaderFieldName>;
/// A wrapped `url::Url` to allow for deserialization
#[derive(Eq, PartialEq, Clone, Hash, Debug)]
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
pub struct Url(
#[cfg_attr(feature = "serialization", serde(with = "url_serde"))]
url::Url
);
pub struct Url(#[cfg_attr(feature = "serialization", serde(with = "url_serde"))] url::Url);
impl fmt::Display for Url {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
@ -97,12 +93,10 @@ impl<'a, 'r> FromRequest<'a, 'r> for Url {
fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> {
match request.headers().get_one("Origin") {
Some(origin) => {
match Self::from_str(origin) {
Ok(origin) => Outcome::Success(origin),
Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadOrigin(e))),
}
}
Some(origin) => match Self::from_str(origin) {
Ok(origin) => Outcome::Success(origin),
Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadOrigin(e))),
},
None => Outcome::Forward(()),
}
}
@ -134,12 +128,10 @@ impl<'a, 'r> FromRequest<'a, 'r> for AccessControlRequestMethod {
fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> {
match request.headers().get_one("Access-Control-Request-Method") {
Some(request_method) => {
match Self::from_str(request_method) {
Ok(request_method) => Outcome::Success(request_method),
Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadRequestMethod(e))),
}
}
Some(request_method) => match Self::from_str(request_method) {
Ok(request_method) => Outcome::Success(request_method),
Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadRequestMethod(e))),
},
None => Outcome::Forward(()),
}
}
@ -175,14 +167,12 @@ impl<'a, 'r> FromRequest<'a, 'r> for AccessControlRequestHeaders {
fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> {
match request.headers().get_one("Access-Control-Request-Headers") {
Some(request_headers) => {
match Self::from_str(request_headers) {
Ok(request_headers) => Outcome::Success(request_headers),
Err(()) => {
unreachable!("`AccessControlRequestHeaders::from_str` should never fail")
}
Some(request_headers) => match Self::from_str(request_headers) {
Ok(request_headers) => Outcome::Success(request_headers),
Err(()) => {
unreachable!("`AccessControlRequestHeaders::from_str` should never fail")
}
}
},
None => Outcome::Forward(()),
}
}

269
src/lib.rs
View File

@ -27,7 +27,7 @@
//! Add the following to Cargo.toml:
//!
//! ```toml
//! rocket_cors = "0.2.1"
//! rocket_cors = "0.2.2"
//! ```
//!
//! To use the latest `master` branch, for example:
@ -43,7 +43,7 @@
//! your `Cargo.toml` to:
//!
//! ```toml
//! rocket_cors = { version = "0.2.1", default-features = false }
//! rocket_cors = { version = "0.2.2", default-features = false }
//! ```
//!
//! ## Usage
@ -473,56 +473,18 @@
//!
//! ```
#![allow(
legacy_directory_ownership,
missing_copy_implementations,
missing_debug_implementations,
unknown_lints,
unsafe_code,
)]
#![deny(
const_err,
dead_code,
deprecated,
exceeding_bitshifts,
improper_ctypes,
missing_docs,
mutable_transmutes,
no_mangle_const_items,
non_camel_case_types,
non_shorthand_field_patterns,
non_upper_case_globals,
overflowing_literals,
path_statements,
plugin_as_library,
private_no_mangle_fns,
private_no_mangle_statics,
stable_features,
trivial_casts,
trivial_numeric_casts,
unconditional_recursion,
unknown_crate_types,
unreachable_code,
unused_allocation,
unused_assignments,
unused_attributes,
unused_comparisons,
unused_extern_crates,
unused_features,
unused_imports,
unused_import_braces,
unused_qualifications,
unused_must_use,
unused_mut,
unused_parens,
unused_results,
unused_unsafe,
unused_variables,
variant_size_differences,
warnings,
while_true,
)]
#![allow(legacy_directory_ownership, missing_copy_implementations, missing_debug_implementations,
unknown_lints, unsafe_code)]
#![deny(const_err, dead_code, deprecated, exceeding_bitshifts, improper_ctypes, missing_docs,
mutable_transmutes, no_mangle_const_items, non_camel_case_types,
non_shorthand_field_patterns, non_upper_case_globals, overflowing_literals,
path_statements, plugin_as_library, private_no_mangle_fns, private_no_mangle_statics,
stable_features, trivial_casts, trivial_numeric_casts, unconditional_recursion,
unknown_crate_types, unreachable_code, unused_allocation, unused_assignments,
unused_attributes, unused_comparisons, unused_extern_crates, unused_features,
unused_imports, unused_import_braces, unused_qualifications, unused_must_use, unused_mut,
unused_parens, unused_results, unused_unsafe, unused_variables, variant_size_differences,
warnings, while_true)]
#![cfg_attr(test, feature(plugin))]
#![cfg_attr(test, plugin(rocket_codegen))]
#![doc(test(attr(allow(unused_variables), deny(warnings))))]
@ -548,10 +510,10 @@ extern crate url_serde;
extern crate hyper;
#[cfg(feature = "serialization")]
#[cfg(test)]
extern crate serde_test;
extern crate serde_json;
#[cfg(feature = "serialization")]
#[cfg(test)]
extern crate serde_json;
extern crate serde_test;
#[cfg(test)]
#[macro_use]
@ -561,7 +523,7 @@ mod fairing;
pub mod headers;
use std::borrow::Cow;
use std::collections::{HashSet, HashMap};
use std::collections::{HashMap, HashSet};
use std::error;
use std::fmt;
use std::marker::PhantomData;
@ -570,11 +532,11 @@ use std::str::FromStr;
use rocket::{Outcome, State};
use rocket::http::{self, Status};
use rocket::request::{Request, FromRequest};
use rocket::request::{FromRequest, Request};
use rocket::response;
use headers::{HeaderFieldName, HeaderFieldNamesSet, Origin, AccessControlRequestHeaders,
AccessControlRequestMethod, Url};
use headers::{AccessControlRequestHeaders, AccessControlRequestMethod, HeaderFieldName,
HeaderFieldNamesSet, Origin, Url};
/// Errors during operations
///
@ -620,12 +582,14 @@ pub enum Error {
impl Error {
fn status(&self) -> Status {
match *self {
Error::MissingOrigin | Error::OriginNotAllowed | Error::MethodNotAllowed |
Error::HeadersNotAllowed => Status::Forbidden,
Error::CredentialsWithWildcardOrigin |
Error::MissingCorsInRocketState |
Error::MissingInjectedHeader |
Error::UnknownInjectedHeader => Status::InternalServerError,
Error::MissingOrigin
| Error::OriginNotAllowed
| Error::MethodNotAllowed
| Error::HeadersNotAllowed => Status::Forbidden,
Error::CredentialsWithWildcardOrigin
| Error::MissingCorsInRocketState
| Error::MissingInjectedHeader
| Error::UnknownInjectedHeader => Status::InternalServerError,
_ => Status::BadRequest,
}
}
@ -645,7 +609,7 @@ impl error::Error for Error {
}
Error::MissingRequestHeaders => {
"The request header `Access-Control-Request-Headers` \
is required but is missing"
is required but is missing"
}
Error::OriginNotAllowed => "Origin is not allowed to request",
Error::MethodNotAllowed => "Method is not allowed",
@ -778,7 +742,7 @@ mod method_serde {
use std::fmt;
use std::str::FromStr;
use serde::{self, Serialize, Deserialize};
use serde::{self, Deserialize, Serialize};
use Method;
@ -1158,7 +1122,6 @@ impl Cors {
}
}
/// A CORS Response which provides the following CORS headers:
///
/// - `Access-Control-Allow-Origin`
@ -1340,7 +1303,6 @@ impl Response {
}
}
/// A [request guard](https://rocket.rs/guide/requests/#request-guards) to check CORS headers
/// before a route is run. Will not execute the route if checks fail.
///
@ -1559,12 +1521,10 @@ fn validate_origin(
match *allowed_origins {
// Always matching is acceptable since the list of origins can be unbounded.
AllOrSome::All => Ok(()),
AllOrSome::Some(ref allowed_origins) => {
allowed_origins
.get(origin)
.and_then(|_| Some(()))
.ok_or_else(|| Error::OriginNotAllowed)
}
AllOrSome::Some(ref allowed_origins) => allowed_origins
.get(origin)
.and_then(|_| Some(()))
.ok_or_else(|| Error::OriginNotAllowed),
}
}
@ -1637,7 +1597,6 @@ fn preflight_validate(
method: &Option<AccessControlRequestMethod>,
headers: &Option<AccessControlRequestHeaders>,
) -> Result<(), Error> {
options.validate()?; // Fast-forward check for #7
// Note: All header parse failures are dealt with in the `FromRequest` trait implementation
@ -1828,13 +1787,13 @@ pub fn catch_all_options_routes() -> Vec<rocket::Route> {
isize::max_value(),
http::Method::Options,
"/",
catch_all_options_route_handler
catch_all_options_route_handler,
),
rocket::Route::ranked(
isize::max_value(),
http::Method::Options,
"/<catch_all_options_route..>",
catch_all_options_route_handler
catch_all_options_route_handler,
),
]
}
@ -1844,7 +1803,6 @@ fn catch_all_options_route_handler<'r>(
request: &'r Request,
_: rocket::Data,
) -> rocket::handler::Outcome<'r> {
let guard: Guard = match request.guard() {
Outcome::Success(guard) => guard,
Outcome::Failure((status, _)) => return rocket::handler::Outcome::failure(status),
@ -2099,7 +2057,6 @@ mod tests {
.collect(),
),
).unwrap();
}
#[test]
@ -2149,8 +2106,6 @@ mod tests {
.next()
.is_none()
);
}
#[derive(Debug, PartialEq)]
@ -2162,9 +2117,11 @@ mod tests {
#[cfg(feature = "serialization")]
#[test]
fn method_serde_roundtrip() {
use serde_test::{Token, assert_tokens};
use serde_test::{assert_tokens, Token};
let test = MethodTest { method: From::from(http::Method::Get) };
let test = MethodTest {
method: From::from(http::Method::Get),
};
assert_tokens(
&test,
@ -2185,15 +2142,14 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2219,15 +2175,14 @@ mod tests {
let options = make_invalid_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2245,15 +2200,14 @@ mod tests {
options.allowed_origins = AllOrSome::All;
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2277,15 +2231,14 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2303,17 +2256,17 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client.options("/").header(origin_header).header(
request_headers,
);
let request = client
.options("/")
.header(origin_header)
.header(request_headers);
let _ = validate(&options, request.inner()).unwrap();
}
@ -2324,15 +2277,14 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2350,9 +2302,8 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
@ -2376,9 +2327,8 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let request = client.get("/").header(origin_header);
let result = validate(&options, request.inner()).expect("to not fail");
@ -2395,9 +2345,8 @@ mod tests {
let options = make_invalid_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let request = client.get("/").header(origin_header);
let _ = validate(&options, request.inner()).unwrap();
@ -2409,9 +2358,8 @@ mod tests {
options.allowed_origins = AllOrSome::All;
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let request = client.get("/").header(origin_header);
let result = validate(&options, request.inner()).expect("to not fail");
@ -2428,9 +2376,8 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let request = client.get("/").header(origin_header);
let _ = validate(&options, request.inner()).unwrap();
@ -2452,15 +2399,14 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2491,15 +2437,14 @@ mod tests {
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2530,15 +2475,14 @@ mod tests {
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let request = client
@ -2564,9 +2508,8 @@ mod tests {
let options = make_cors_options();
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let request = client.get("/").header(origin_header);
let response = validate_and_build(&options, request.inner()).expect("to not fail");
@ -2587,9 +2530,8 @@ mod tests {
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let request = client.get("/").header(origin_header);
let response = validate_and_build(&options, request.inner()).expect("to not fail");
@ -2610,9 +2552,8 @@ mod tests {
let client = make_client();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let request = client.get("/").header(origin_header);
let response = validate_and_build(&options, request.inner()).expect("to not fail");

88
tests/fairing.rs
View File

@ -47,15 +47,14 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -67,9 +66,8 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -89,15 +87,14 @@ fn smoke_test() {
fn cors_options_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -119,9 +116,8 @@ fn cors_options_check() {
fn cors_get_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -155,15 +151,14 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -183,13 +178,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header(
request_headers,
);
let req = client
.options("/")
.header(method_header)
.header(request_headers);
let response = req.dispatch();
assert_eq!(response.status(), Status::NotFound);
@ -206,15 +202,14 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -236,9 +231,8 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
@ -265,9 +259,8 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -288,15 +281,14 @@ fn cors_get_bad_origin() {
fn routes_failing_checks_are_not_executed() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/panic")

105
tests/guard.rs
View File

@ -89,15 +89,14 @@ fn smoke_test() {
let client = Client::new(rocket).unwrap();
// `Options` pre-flight checks
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -109,9 +108,8 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -133,15 +131,14 @@ fn cors_options_catch_all_check() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -159,22 +156,20 @@ fn cors_options_catch_all_check() {
assert_eq!("https://www.acme.com", origin_header);
}
/// Check the "catch all" OPTIONS route works for other routes
#[test]
fn cors_options_catch_all_check_other_routes() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/response/unit")
@ -197,9 +192,8 @@ fn cors_get_check() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -241,15 +235,14 @@ fn cors_options_bad_origin() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -275,13 +268,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header(
request_headers,
);
let req = client
.options("/")
.header(method_header)
.header(request_headers);
let response = req.dispatch();
assert!(response.status().class().is_success());
@ -298,15 +292,14 @@ fn cors_options_bad_request_method() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -329,9 +322,8 @@ fn cors_options_bad_request_header() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
@ -359,9 +351,8 @@ fn cors_get_bad_origin() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -383,9 +374,8 @@ fn routes_failing_checks_are_not_executed() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -406,15 +396,14 @@ fn overridden_options_routes_are_used() {
let rocket = make_rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/manual")

12
tests/headers.rs
View File

@ -34,9 +34,8 @@ fn request_headers_round_trip_smoke_test() {
let rocket = rocket::ignite().mount("/", routes![request_headers]);
let client = Client::new(rocket).expect("A valid Rocket client");
let origin_header = Header::from(
hyper::header::Origin::from_str("https://foo.bar.xyz").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://foo.bar.xyz").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
@ -53,9 +52,10 @@ fn request_headers_round_trip_smoke_test() {
let mut response = req.dispatch();
assert!(response.status().class().is_success());
let body_str = response.body().and_then(|body| body.into_string()).expect(
"Non-empty body",
);
let body_str = response
.body()
.and_then(|body| body.into_string())
.expect("Non-empty body");
let expected_body = r#"https://foo.bar.xyz/
GET
X-Ping, accept-language"#;

123
tests/manual.rs
View File

@ -18,9 +18,9 @@ use rocket_cors::*;
/// Using a borrowed `Cors`
#[get("/")]
fn cors<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
options.inner().respond_borrowed(
|guard| guard.responder("Hello CORS"),
)
options
.inner()
.respond_borrowed(|guard| guard.responder("Hello CORS"))
}
#[get("/panic")]
@ -52,9 +52,9 @@ fn owned<'r>() -> impl Responder<'r> {
#[allow(unmounted_route)]
#[get("/")]
fn responder_string<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
options.inner().respond_borrowed(|guard| {
guard.responder("Hello CORS".to_string())
})
options
.inner()
.respond_borrowed(|guard| guard.responder("Hello CORS".to_string()))
}
struct TestState;
@ -108,15 +108,14 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -128,9 +127,8 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -150,15 +148,14 @@ fn smoke_test() {
fn cors_options_borrowed_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -180,9 +177,8 @@ fn cors_options_borrowed_check() {
fn cors_get_borrowed_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -216,15 +212,14 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -243,13 +238,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header(
request_headers,
);
let req = client
.options("/")
.header(method_header)
.header(request_headers);
let response = req.dispatch();
assert!(response.status().class().is_success());
@ -265,15 +261,14 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -295,9 +290,8 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
@ -324,9 +318,8 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -347,15 +340,14 @@ fn cors_get_bad_origin() {
fn routes_failing_checks_are_not_executed() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/panic")
@ -379,15 +371,14 @@ fn cors_options_owned_check() {
let rocket = rocket();
let client = Client::new(rocket).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/owned")
@ -412,13 +403,13 @@ fn cors_options_owned_check() {
fn cors_get_owned_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/owned").header(origin_header).header(
authorization,
);
let req = client
.get("/owned")
.header(origin_header)
.header(authorization);
let mut response = req.dispatch();
assert!(response.status().class().is_success());

98
tests/mix.rs
View File

@ -11,11 +11,11 @@ extern crate rocket_cors;
use std::str::FromStr;
use rocket::http::{Method, Header, Status};
use rocket::http::{Header, Method, Status};
use rocket::local::Client;
use rocket::response::Responder;
use rocket_cors::{Cors, Guard, AllowedOrigins, AllowedHeaders};
use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors, Guard};
/// The "usual" app route
#[get("/")]
@ -82,15 +82,14 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -102,9 +101,8 @@ fn smoke_test() {
assert!(response.status().class().is_success());
// "Actual" request
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -124,15 +122,14 @@ fn smoke_test() {
fn cors_options_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -154,9 +151,8 @@ fn cors_options_check() {
fn cors_get_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -190,15 +186,14 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -217,13 +212,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header(
request_headers,
);
let req = client
.options("/")
.header(method_header)
.header(request_headers);
let response = req.dispatch();
assert!(response.status().class().is_success());
@ -239,15 +235,14 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post,
));
let request_headers = hyper::header::AccessControlRequestHeaders(
vec![FromStr::from_str("Authorization").unwrap()],
);
let request_headers = hyper::header::AccessControlRequestHeaders(vec![
FromStr::from_str("Authorization").unwrap(),
]);
let request_headers = Header::from(request_headers);
let req = client
.options("/")
@ -269,9 +264,8 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.acme.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
@ -298,9 +292,8 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization);
@ -319,16 +312,16 @@ fn cors_get_bad_origin() {
fn cors_options_ping_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get,
));
let req = client.options("/ping").header(origin_header).header(
method_header,
);
let req = client
.options("/ping")
.header(origin_header)
.header(method_header);
let response = req.dispatch();
assert!(response.status().class().is_success());
@ -345,9 +338,8 @@ fn cors_options_ping_check() {
fn cors_get_ping_check() {
let client = Client::new(rocket()).unwrap();
let origin_header = Header::from(
hyper::header::Origin::from_str("https://www.example.com").unwrap(),
);
let origin_header =
Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
let req = client.get("/ping").header(origin_header);