projectmoon
/
rocket_cors
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Rustfmt fix 

- Bump to 0.2.2
 - Add Travis cargo cache
This commit is contained in:
Yong Wen Chua 2018-02-14 13:22:43 +08:00
parent 456248eabf
commit ff1deabf55
16 changed files with 345 additions and 452 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.travis.yml
View File

@ -4,6 +4,7 @@ rust:
- nightly - nightly
# Minimum Rust set by Rocket # Minimum Rust set by Rocket
- nightly-2018-01-13 - nightly-2018-01-13
cache: cargo
env: env:
global: global:
- TRAVIS_CARGO_NIGHTLY_FEATURE="" - TRAVIS_CARGO_NIGHTLY_FEATURE=""

2
Cargo.toml
View File

@ -1,6 +1,6 @@
[package] [package]
name = "rocket_cors" name = "rocket_cors"
version = "0.2.1" version = "0.2.2"
license = "Apache-2.0" license = "Apache-2.0"
authors = ["Yong Wen Chua <me@yongwen.xyz>"] authors = ["Yong Wen Chua <me@yongwen.xyz>"]
description = "Cross-origin resource sharing (CORS) for Rocket.rs applications" description = "Cross-origin resource sharing (CORS) for Rocket.rs applications"

2
README.md
View File

@ -29,7 +29,7 @@ work, but they are subject to the minimum that Rocket sets.
Add the following to Cargo.toml: Add the following to Cargo.toml:
```toml ```toml
rocket_cors = "0.2.1" rocket_cors = "0.2.2"
``` ```
To use the latest `master` branch, for example: To use the latest `master` branch, for example:

2
examples/fairing.rs
View File

@ -4,7 +4,7 @@ extern crate rocket;
extern crate rocket_cors; extern crate rocket_cors;
use rocket::http::Method; use rocket::http::Method;
use rocket_cors::{AllowedOrigins, AllowedHeaders}; use rocket_cors::{AllowedHeaders, AllowedOrigins};
#[get("/")] #[get("/")]
fn cors<'a>() -> &'a str { fn cors<'a>() -> &'a str {

2
examples/guard.rs
View File

@ -7,7 +7,7 @@ use std::io::Cursor;
use rocket::Response; use rocket::Response;
use rocket::http::Method; use rocket::http::Method;
use rocket_cors::{Guard, AllowedOrigins, AllowedHeaders, Responder}; use rocket_cors::{AllowedHeaders, AllowedOrigins, Guard, Responder};
/// Using a `Responder` -- the usual way you would use this /// Using a `Responder` -- the usual way you would use this
#[get("/")] #[get("/")]

2
examples/json.rs
View File

@ -6,7 +6,7 @@ extern crate rocket_cors as cors;
extern crate serde_json; extern crate serde_json;
use rocket::http::Method; use rocket::http::Method;
use cors::{Cors, AllowedOrigins, AllowedHeaders}; use cors::{AllowedHeaders, AllowedOrigins, Cors};
fn main() { fn main() {
// The default demonstrates the "All" serialization of several of the settings // The default demonstrates the "All" serialization of several of the settings

16
examples/manual.rs
View File

@ -5,17 +5,17 @@ extern crate rocket_cors;
use std::io::Cursor; use std::io::Cursor;
use rocket::{State, Response}; use rocket::{Response, State};
use rocket::http::Method; use rocket::http::Method;
use rocket::response::Responder; use rocket::response::Responder;
use rocket_cors::{Cors, AllowedOrigins, AllowedHeaders}; use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors};
/// Using a borrowed Cors /// Using a borrowed Cors
#[get("/")] #[get("/")]
fn borrowed<'r>(options: State<'r, Cors>) -> impl Responder<'r> { fn borrowed<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
options.inner().respond_borrowed( options
|guard| guard.responder("Hello CORS"), .inner()
) .respond_borrowed(|guard| guard.responder("Hello CORS"))
} }
/// Using a `Response` instead of a `Responder`. You generally won't have to do this. /// Using a `Response` instead of a `Responder`. You generally won't have to do this.
@ -24,9 +24,9 @@ fn response<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
let mut response = Response::new(); let mut response = Response::new();
response.set_sized_body(Cursor::new("Hello CORS!")); response.set_sized_body(Cursor::new("Hello CORS!"));
options.inner().respond_borrowed( options
move |guard| guard.response(response), .inner()
) .respond_borrowed(move |guard| guard.response(response))
} }
/// Create and use an ad-hoc Cors /// Create and use an ad-hoc Cors

2
examples/mix.rs
View File

@ -10,7 +10,7 @@ extern crate rocket_cors;
use rocket::http::Method; use rocket::http::Method;
use rocket::response::Responder; use rocket::response::Responder;
use rocket_cors::{Cors, Guard, AllowedOrigins, AllowedHeaders}; use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors, Guard};
/// The "usual" app route /// The "usual" app route
#[get("/")] #[get("/")]

33
src/fairing.rs
View File

@ -1,10 +1,10 @@
//! Fairing implementation //! Fairing implementation
use std::str::FromStr; use std::str::FromStr;
use rocket::{self, Request, Outcome}; use rocket::{self, Outcome, Request};
use rocket::http::{self, Status, Header}; use rocket::http::{self, Header, Status};
use {Cors, Error, validate, preflight_response, actual_request_response, origin, request_headers}; use {actual_request_response, origin, preflight_response, request_headers, validate, Cors, Error};
/// An injected header to quickly give the result of CORS /// An injected header to quickly give the result of CORS
static CORS_HEADER: &str = "ROCKET-CORS"; static CORS_HEADER: &str = "ROCKET-CORS";
@ -82,9 +82,10 @@ fn on_response_wrapper(
}; };
// Get validation result from injected header // Get validation result from injected header
let injected_header = request.headers().get_one(CORS_HEADER).ok_or_else(|| { let injected_header = request
Error::MissingInjectedHeader .headers()
})?; .get_one(CORS_HEADER)
.ok_or_else(|| Error::MissingInjectedHeader)?;
let result = InjectedHeader::from_str(injected_header)?; let result = InjectedHeader::from_str(injected_header)?;
if let InjectedHeader::Failure = result { if let InjectedHeader::Failure = result {
@ -107,9 +108,7 @@ fn on_response_wrapper(
// //
// TODO: Is there anyway we can make this smarter? Only modify status codes for // TODO: Is there anyway we can make this smarter? Only modify status codes for
// requests where an actual route exist? // requests where an actual route exist?
if request.method() == http::Method::Options && if request.method() == http::Method::Options && request.route().is_none() {
request.route().is_none()
{
info_!( info_!(
"CORS Fairing: Turned missing route {} into an OPTIONS pre-flight request", "CORS Fairing: Turned missing route {} into an OPTIONS pre-flight request",
request request
@ -124,16 +123,14 @@ impl rocket::fairing::Fairing for Cors {
fn info(&self) -> rocket::fairing::Info { fn info(&self) -> rocket::fairing::Info {
rocket::fairing::Info { rocket::fairing::Info {
name: "CORS", name: "CORS",
kind: rocket::fairing::Kind::Attach | rocket::fairing::Kind::Request | kind: rocket::fairing::Kind::Attach | rocket::fairing::Kind::Request
rocket::fairing::Kind::Response, | rocket::fairing::Kind::Response,
} }
} }
fn on_attach(&self, rocket: rocket::Rocket) -> Result<rocket::Rocket, rocket::Rocket> { fn on_attach(&self, rocket: rocket::Rocket) -> Result<rocket::Rocket, rocket::Rocket> {
match self.validate() { match self.validate() {
Ok(()) => { Ok(()) => Ok(rocket.mount(&self.fairing_route_base, vec![fairing_route()])),
Ok(rocket.mount(&self.fairing_route_base, vec![fairing_route()]))
}
Err(e) => { Err(e) => {
error_!("Error attaching CORS fairing: {}", e); error_!("Error attaching CORS fairing: {}", e);
Err(rocket) Err(rocket)
@ -170,7 +167,7 @@ mod tests {
use rocket::http::{Method, Status}; use rocket::http::{Method, Status};
use rocket::local::Client; use rocket::local::Client;
use {Cors, AllOrSome, AllowedOrigins, AllowedHeaders}; use {AllOrSome, AllowedHeaders, AllowedOrigins, Cors};
const CORS_ROOT: &'static str = "/my_cors"; const CORS_ROOT: &'static str = "/my_cors";
@ -214,9 +211,9 @@ mod tests {
let rocket = rocket(make_cors_options()); let rocket = rocket(make_cors_options());
let expected_uri = format!("{}/<status>", CORS_ROOT); let expected_uri = format!("{}/<status>", CORS_ROOT);
let error_route = rocket.routes().find(|r| { let error_route = rocket
r.method == Method::Get && r.uri.as_str() == expected_uri .routes()
}); .find(|r| r.method == Method::Get && r.uri.as_str() == expected_uri);
assert!(error_route.is_some()); assert!(error_route.is_some());
} }

40
src/headers.rs
View File

@ -20,8 +20,7 @@ use url_serde;
#[derive(Eq, PartialEq, Clone, Debug, Hash)] #[derive(Eq, PartialEq, Clone, Debug, Hash)]
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))] #[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
pub struct HeaderFieldName( pub struct HeaderFieldName(
#[cfg_attr(feature = "serialization", serde(with = "unicase_serde::unicase"))] #[cfg_attr(feature = "serialization", serde(with = "unicase_serde::unicase"))] UniCase<String>,
UniCase<String>
); );
impl Deref for HeaderFieldName { impl Deref for HeaderFieldName {
@ -64,10 +63,7 @@ pub type HeaderFieldNamesSet = HashSet<HeaderFieldName>;
/// A wrapped `url::Url` to allow for deserialization /// A wrapped `url::Url` to allow for deserialization
#[derive(Eq, PartialEq, Clone, Hash, Debug)] #[derive(Eq, PartialEq, Clone, Hash, Debug)]
#[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))] #[cfg_attr(feature = "serialization", derive(Serialize, Deserialize))]
pub struct Url( pub struct Url(#[cfg_attr(feature = "serialization", serde(with = "url_serde"))] url::Url);
#[cfg_attr(feature = "serialization", serde(with = "url_serde"))]
url::Url
);
impl fmt::Display for Url { impl fmt::Display for Url {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
@ -97,12 +93,10 @@ impl<'a, 'r> FromRequest<'a, 'r> for Url {
fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> { fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> {
match request.headers().get_one("Origin") { match request.headers().get_one("Origin") {
Some(origin) => { Some(origin) => match Self::from_str(origin) {
match Self::from_str(origin) { Ok(origin) => Outcome::Success(origin),
Ok(origin) => Outcome::Success(origin), Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadOrigin(e))),
Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadOrigin(e))), },
}
}
None => Outcome::Forward(()), None => Outcome::Forward(()),
} }
} }
@ -134,12 +128,10 @@ impl<'a, 'r> FromRequest<'a, 'r> for AccessControlRequestMethod {
fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> { fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> {
match request.headers().get_one("Access-Control-Request-Method") { match request.headers().get_one("Access-Control-Request-Method") {
Some(request_method) => { Some(request_method) => match Self::from_str(request_method) {
match Self::from_str(request_method) { Ok(request_method) => Outcome::Success(request_method),
Ok(request_method) => Outcome::Success(request_method), Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadRequestMethod(e))),
Err(e) => Outcome::Failure((Status::BadRequest, ::Error::BadRequestMethod(e))), },
}
}
None => Outcome::Forward(()), None => Outcome::Forward(()),
} }
} }
@ -175,14 +167,12 @@ impl<'a, 'r> FromRequest<'a, 'r> for AccessControlRequestHeaders {
fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> { fn from_request(request: &'a rocket::Request<'r>) -> request::Outcome<Self, ::Error> {
match request.headers().get_one("Access-Control-Request-Headers") { match request.headers().get_one("Access-Control-Request-Headers") {
Some(request_headers) => { Some(request_headers) => match Self::from_str(request_headers) {
match Self::from_str(request_headers) { Ok(request_headers) => Outcome::Success(request_headers),
Ok(request_headers) => Outcome::Success(request_headers), Err(()) => {
Err(()) => { unreachable!("`AccessControlRequestHeaders::from_str` should never fail")
unreachable!("`AccessControlRequestHeaders::from_str` should never fail")
}
} }
} },
None => Outcome::Forward(()), None => Outcome::Forward(()),
} }
} }

269
src/lib.rs
View File

@ -27,7 +27,7 @@
//! Add the following to Cargo.toml: //! Add the following to Cargo.toml:
//! //!
//! ```toml //! ```toml
//! rocket_cors = "0.2.1" //! rocket_cors = "0.2.2"
//! ``` //! ```
//! //!
//! To use the latest `master` branch, for example: //! To use the latest `master` branch, for example:
@ -43,7 +43,7 @@
//! your `Cargo.toml` to: //! your `Cargo.toml` to:
//! //!
//! ```toml //! ```toml
//! rocket_cors = { version = "0.2.1", default-features = false } //! rocket_cors = { version = "0.2.2", default-features = false }
//! ``` //! ```
//! //!
//! ## Usage //! ## Usage
@ -473,56 +473,18 @@
//! //!
//! ``` //! ```
#![allow( #![allow(legacy_directory_ownership, missing_copy_implementations, missing_debug_implementations,
legacy_directory_ownership, unknown_lints, unsafe_code)]
missing_copy_implementations, #![deny(const_err, dead_code, deprecated, exceeding_bitshifts, improper_ctypes, missing_docs,
missing_debug_implementations, mutable_transmutes, no_mangle_const_items, non_camel_case_types,
unknown_lints, non_shorthand_field_patterns, non_upper_case_globals, overflowing_literals,
unsafe_code, path_statements, plugin_as_library, private_no_mangle_fns, private_no_mangle_statics,
)] stable_features, trivial_casts, trivial_numeric_casts, unconditional_recursion,
#![deny( unknown_crate_types, unreachable_code, unused_allocation, unused_assignments,
const_err, unused_attributes, unused_comparisons, unused_extern_crates, unused_features,
dead_code, unused_imports, unused_import_braces, unused_qualifications, unused_must_use, unused_mut,
deprecated, unused_parens, unused_results, unused_unsafe, unused_variables, variant_size_differences,
exceeding_bitshifts, warnings, while_true)]
improper_ctypes,
missing_docs,
mutable_transmutes,
no_mangle_const_items,
non_camel_case_types,
non_shorthand_field_patterns,
non_upper_case_globals,
overflowing_literals,
path_statements,
plugin_as_library,
private_no_mangle_fns,
private_no_mangle_statics,
stable_features,
trivial_casts,
trivial_numeric_casts,
unconditional_recursion,
unknown_crate_types,
unreachable_code,
unused_allocation,
unused_assignments,
unused_attributes,
unused_comparisons,
unused_extern_crates,
unused_features,
unused_imports,
unused_import_braces,
unused_qualifications,
unused_must_use,
unused_mut,
unused_parens,
unused_results,
unused_unsafe,
unused_variables,
variant_size_differences,
warnings,
while_true,
)]
#![cfg_attr(test, feature(plugin))] #![cfg_attr(test, feature(plugin))]
#![cfg_attr(test, plugin(rocket_codegen))] #![cfg_attr(test, plugin(rocket_codegen))]
#![doc(test(attr(allow(unused_variables), deny(warnings))))] #![doc(test(attr(allow(unused_variables), deny(warnings))))]
@ -548,10 +510,10 @@ extern crate url_serde;
extern crate hyper; extern crate hyper;
#[cfg(feature = "serialization")] #[cfg(feature = "serialization")]
#[cfg(test)] #[cfg(test)]
extern crate serde_test; extern crate serde_json;
#[cfg(feature = "serialization")] #[cfg(feature = "serialization")]
#[cfg(test)] #[cfg(test)]
extern crate serde_json; extern crate serde_test;
#[cfg(test)] #[cfg(test)]
#[macro_use] #[macro_use]
@ -561,7 +523,7 @@ mod fairing;
pub mod headers; pub mod headers;
use std::borrow::Cow; use std::borrow::Cow;
use std::collections::{HashSet, HashMap}; use std::collections::{HashMap, HashSet};
use std::error; use std::error;
use std::fmt; use std::fmt;
use std::marker::PhantomData; use std::marker::PhantomData;
@ -570,11 +532,11 @@ use std::str::FromStr;
use rocket::{Outcome, State}; use rocket::{Outcome, State};
use rocket::http::{self, Status}; use rocket::http::{self, Status};
use rocket::request::{Request, FromRequest}; use rocket::request::{FromRequest, Request};
use rocket::response; use rocket::response;
use headers::{HeaderFieldName, HeaderFieldNamesSet, Origin, AccessControlRequestHeaders, use headers::{AccessControlRequestHeaders, AccessControlRequestMethod, HeaderFieldName,
AccessControlRequestMethod, Url}; HeaderFieldNamesSet, Origin, Url};
/// Errors during operations /// Errors during operations
/// ///
@ -620,12 +582,14 @@ pub enum Error {
impl Error { impl Error {
fn status(&self) -> Status { fn status(&self) -> Status {
match *self { match *self {
Error::MissingOrigin | Error::OriginNotAllowed | Error::MethodNotAllowed | Error::MissingOrigin
Error::HeadersNotAllowed => Status::Forbidden, | Error::OriginNotAllowed
Error::CredentialsWithWildcardOrigin | | Error::MethodNotAllowed
Error::MissingCorsInRocketState | | Error::HeadersNotAllowed => Status::Forbidden,
Error::MissingInjectedHeader | Error::CredentialsWithWildcardOrigin
Error::UnknownInjectedHeader => Status::InternalServerError, | Error::MissingCorsInRocketState
| Error::MissingInjectedHeader
| Error::UnknownInjectedHeader => Status::InternalServerError,
_ => Status::BadRequest, _ => Status::BadRequest,
} }
} }
@ -645,7 +609,7 @@ impl error::Error for Error {
} }
Error::MissingRequestHeaders => { Error::MissingRequestHeaders => {
"The request header `Access-Control-Request-Headers` \ "The request header `Access-Control-Request-Headers` \
is required but is missing" is required but is missing"
} }
Error::OriginNotAllowed => "Origin is not allowed to request", Error::OriginNotAllowed => "Origin is not allowed to request",
Error::MethodNotAllowed => "Method is not allowed", Error::MethodNotAllowed => "Method is not allowed",
@ -778,7 +742,7 @@ mod method_serde {
use std::fmt; use std::fmt;
use std::str::FromStr; use std::str::FromStr;
use serde::{self, Serialize, Deserialize}; use serde::{self, Deserialize, Serialize};
use Method; use Method;
@ -1158,7 +1122,6 @@ impl Cors {
} }
} }
/// A CORS Response which provides the following CORS headers: /// A CORS Response which provides the following CORS headers:
/// ///
/// - `Access-Control-Allow-Origin` /// - `Access-Control-Allow-Origin`
@ -1340,7 +1303,6 @@ impl Response {
} }
} }
/// A [request guard](https://rocket.rs/guide/requests/#request-guards) to check CORS headers /// A [request guard](https://rocket.rs/guide/requests/#request-guards) to check CORS headers
/// before a route is run. Will not execute the route if checks fail. /// before a route is run. Will not execute the route if checks fail.
/// ///
@ -1559,12 +1521,10 @@ fn validate_origin(
match *allowed_origins { match *allowed_origins {
// Always matching is acceptable since the list of origins can be unbounded. // Always matching is acceptable since the list of origins can be unbounded.
AllOrSome::All => Ok(()), AllOrSome::All => Ok(()),
AllOrSome::Some(ref allowed_origins) => { AllOrSome::Some(ref allowed_origins) => allowed_origins
allowed_origins .get(origin)
.get(origin) .and_then(|_| Some(()))
.and_then(|_| Some(())) .ok_or_else(|| Error::OriginNotAllowed),
.ok_or_else(|| Error::OriginNotAllowed)
}
} }
} }
@ -1637,7 +1597,6 @@ fn preflight_validate(
method: &Option<AccessControlRequestMethod>, method: &Option<AccessControlRequestMethod>,
headers: &Option<AccessControlRequestHeaders>, headers: &Option<AccessControlRequestHeaders>,
) -> Result<(), Error> { ) -> Result<(), Error> {
options.validate()?; // Fast-forward check for #7 options.validate()?; // Fast-forward check for #7
// Note: All header parse failures are dealt with in the `FromRequest` trait implementation // Note: All header parse failures are dealt with in the `FromRequest` trait implementation
@ -1828,13 +1787,13 @@ pub fn catch_all_options_routes() -> Vec<rocket::Route> {
isize::max_value(), isize::max_value(),
http::Method::Options, http::Method::Options,
"/", "/",
catch_all_options_route_handler catch_all_options_route_handler,
), ),
rocket::Route::ranked( rocket::Route::ranked(
isize::max_value(), isize::max_value(),
http::Method::Options, http::Method::Options,
"/<catch_all_options_route..>", "/<catch_all_options_route..>",
catch_all_options_route_handler catch_all_options_route_handler,
), ),
] ]
} }
@ -1844,7 +1803,6 @@ fn catch_all_options_route_handler<'r>(
request: &'r Request, request: &'r Request,
_: rocket::Data, _: rocket::Data,
) -> rocket::handler::Outcome<'r> { ) -> rocket::handler::Outcome<'r> {
let guard: Guard = match request.guard() { let guard: Guard = match request.guard() {
Outcome::Success(guard) => guard, Outcome::Success(guard) => guard,
Outcome::Failure((status, _)) => return rocket::handler::Outcome::failure(status), Outcome::Failure((status, _)) => return rocket::handler::Outcome::failure(status),
@ -2099,7 +2057,6 @@ mod tests {
.collect(), .collect(),
), ),
).unwrap(); ).unwrap();
} }
#[test] #[test]
@ -2149,8 +2106,6 @@ mod tests {
.next() .next()
.is_none() .is_none()
); );
} }
#[derive(Debug, PartialEq)] #[derive(Debug, PartialEq)]
@ -2162,9 +2117,11 @@ mod tests {
#[cfg(feature = "serialization")] #[cfg(feature = "serialization")]
#[test] #[test]
fn method_serde_roundtrip() { fn method_serde_roundtrip() {
use serde_test::{Token, assert_tokens}; use serde_test::{assert_tokens, Token};
let test = MethodTest { method: From::from(http::Method::Get) }; let test = MethodTest {
method: From::from(http::Method::Get),
};
assert_tokens( assert_tokens(
&test, &test,
@ -2185,15 +2142,14 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2219,15 +2175,14 @@ mod tests {
let options = make_invalid_options(); let options = make_invalid_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2245,15 +2200,14 @@ mod tests {
options.allowed_origins = AllOrSome::All; options.allowed_origins = AllOrSome::All;
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2277,15 +2231,14 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2303,17 +2256,17 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
); let request_headers = hyper::header::AccessControlRequestHeaders(vec![
let request_headers = hyper::header::AccessControlRequestHeaders( FromStr::from_str("Authorization").unwrap(),
vec![FromStr::from_str("Authorization").unwrap()], ]);
);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client.options("/").header(origin_header).header( let request = client
request_headers, .options("/")
); .header(origin_header)
.header(request_headers);
let _ = validate(&options, request.inner()).unwrap(); let _ = validate(&options, request.inner()).unwrap();
} }
@ -2324,15 +2277,14 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post, hyper::method::Method::Post,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2350,9 +2302,8 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
@ -2376,9 +2327,8 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let result = validate(&options, request.inner()).expect("to not fail"); let result = validate(&options, request.inner()).expect("to not fail");
@ -2395,9 +2345,8 @@ mod tests {
let options = make_invalid_options(); let options = make_invalid_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let _ = validate(&options, request.inner()).unwrap(); let _ = validate(&options, request.inner()).unwrap();
@ -2409,9 +2358,8 @@ mod tests {
options.allowed_origins = AllOrSome::All; options.allowed_origins = AllOrSome::All;
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let result = validate(&options, request.inner()).expect("to not fail"); let result = validate(&options, request.inner()).expect("to not fail");
@ -2428,9 +2376,8 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let _ = validate(&options, request.inner()).unwrap(); let _ = validate(&options, request.inner()).unwrap();
@ -2452,15 +2399,14 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2491,15 +2437,14 @@ mod tests {
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2530,15 +2475,14 @@ mod tests {
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let request = client let request = client
@ -2564,9 +2508,8 @@ mod tests {
let options = make_cors_options(); let options = make_cors_options();
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let response = validate_and_build(&options, request.inner()).expect("to not fail"); let response = validate_and_build(&options, request.inner()).expect("to not fail");
@ -2587,9 +2530,8 @@ mod tests {
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let response = validate_and_build(&options, request.inner()).expect("to not fail"); let response = validate_and_build(&options, request.inner()).expect("to not fail");
@ -2610,9 +2552,8 @@ mod tests {
let client = make_client(); let client = make_client();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let request = client.get("/").header(origin_header); let request = client.get("/").header(origin_header);
let response = validate_and_build(&options, request.inner()).expect("to not fail"); let response = validate_and_build(&options, request.inner()).expect("to not fail");

88
tests/fairing.rs
View File

@ -47,15 +47,14 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks // `Options` pre-flight checks
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -67,9 +66,8 @@ fn smoke_test() {
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
// "Actual" request // "Actual" request
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -89,15 +87,14 @@ fn smoke_test() {
fn cors_options_check() { fn cors_options_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -119,9 +116,8 @@ fn cors_options_check() {
fn cors_get_check() { fn cors_get_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -155,15 +151,14 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() { fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -183,13 +178,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header( let req = client
request_headers, .options("/")
); .header(method_header)
.header(request_headers);
let response = req.dispatch(); let response = req.dispatch();
assert_eq!(response.status(), Status::NotFound); assert_eq!(response.status(), Status::NotFound);
@ -206,15 +202,14 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() { fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post, hyper::method::Method::Post,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -236,9 +231,8 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() { fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
@ -265,9 +259,8 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() { fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -288,15 +281,14 @@ fn cors_get_bad_origin() {
fn routes_failing_checks_are_not_executed() { fn routes_failing_checks_are_not_executed() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/panic") .options("/panic")

105
tests/guard.rs
View File

@ -89,15 +89,14 @@ fn smoke_test() {
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
// `Options` pre-flight checks // `Options` pre-flight checks
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -109,9 +108,8 @@ fn smoke_test() {
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
// "Actual" request // "Actual" request
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -133,15 +131,14 @@ fn cors_options_catch_all_check() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -159,22 +156,20 @@ fn cors_options_catch_all_check() {
assert_eq!("https://www.acme.com", origin_header); assert_eq!("https://www.acme.com", origin_header);
} }
/// Check the "catch all" OPTIONS route works for other routes /// Check the "catch all" OPTIONS route works for other routes
#[test] #[test]
fn cors_options_catch_all_check_other_routes() { fn cors_options_catch_all_check_other_routes() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/response/unit") .options("/response/unit")
@ -197,9 +192,8 @@ fn cors_get_check() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -241,15 +235,14 @@ fn cors_options_bad_origin() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -275,13 +268,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header( let req = client
request_headers, .options("/")
); .header(method_header)
.header(request_headers);
let response = req.dispatch(); let response = req.dispatch();
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
@ -298,15 +292,14 @@ fn cors_options_bad_request_method() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post, hyper::method::Method::Post,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -329,9 +322,8 @@ fn cors_options_bad_request_header() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
@ -359,9 +351,8 @@ fn cors_get_bad_origin() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -383,9 +374,8 @@ fn routes_failing_checks_are_not_executed() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -406,15 +396,14 @@ fn overridden_options_routes_are_used() {
let rocket = make_rocket(); let rocket = make_rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/manual") .options("/manual")

12
tests/headers.rs
View File

@ -34,9 +34,8 @@ fn request_headers_round_trip_smoke_test() {
let rocket = rocket::ignite().mount("/", routes![request_headers]); let rocket = rocket::ignite().mount("/", routes![request_headers]);
let client = Client::new(rocket).expect("A valid Rocket client"); let client = Client::new(rocket).expect("A valid Rocket client");
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://foo.bar.xyz").unwrap(), Header::from(hyper::header::Origin::from_str("https://foo.bar.xyz").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
@ -53,9 +52,10 @@ fn request_headers_round_trip_smoke_test() {
let mut response = req.dispatch(); let mut response = req.dispatch();
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
let body_str = response.body().and_then(|body| body.into_string()).expect( let body_str = response
"Non-empty body", .body()
); .and_then(|body| body.into_string())
.expect("Non-empty body");
let expected_body = r#"https://foo.bar.xyz/ let expected_body = r#"https://foo.bar.xyz/
GET GET
X-Ping, accept-language"#; X-Ping, accept-language"#;

123
tests/manual.rs
View File

@ -18,9 +18,9 @@ use rocket_cors::*;
/// Using a borrowed `Cors` /// Using a borrowed `Cors`
#[get("/")] #[get("/")]
fn cors<'r>(options: State<'r, Cors>) -> impl Responder<'r> { fn cors<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
options.inner().respond_borrowed( options
|guard| guard.responder("Hello CORS"), .inner()
) .respond_borrowed(|guard| guard.responder("Hello CORS"))
} }
#[get("/panic")] #[get("/panic")]
@ -52,9 +52,9 @@ fn owned<'r>() -> impl Responder<'r> {
#[allow(unmounted_route)] #[allow(unmounted_route)]
#[get("/")] #[get("/")]
fn responder_string<'r>(options: State<'r, Cors>) -> impl Responder<'r> { fn responder_string<'r>(options: State<'r, Cors>) -> impl Responder<'r> {
options.inner().respond_borrowed(|guard| { options
guard.responder("Hello CORS".to_string()) .inner()
}) .respond_borrowed(|guard| guard.responder("Hello CORS".to_string()))
} }
struct TestState; struct TestState;
@ -108,15 +108,14 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks // `Options` pre-flight checks
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -128,9 +127,8 @@ fn smoke_test() {
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
// "Actual" request // "Actual" request
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -150,15 +148,14 @@ fn smoke_test() {
fn cors_options_borrowed_check() { fn cors_options_borrowed_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -180,9 +177,8 @@ fn cors_options_borrowed_check() {
fn cors_get_borrowed_check() { fn cors_get_borrowed_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -216,15 +212,14 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() { fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -243,13 +238,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header( let req = client
request_headers, .options("/")
); .header(method_header)
.header(request_headers);
let response = req.dispatch(); let response = req.dispatch();
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
@ -265,15 +261,14 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() { fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post, hyper::method::Method::Post,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -295,9 +290,8 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() { fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
@ -324,9 +318,8 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() { fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -347,15 +340,14 @@ fn cors_get_bad_origin() {
fn routes_failing_checks_are_not_executed() { fn routes_failing_checks_are_not_executed() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/panic") .options("/panic")
@ -379,15 +371,14 @@ fn cors_options_owned_check() {
let rocket = rocket(); let rocket = rocket();
let client = Client::new(rocket).unwrap(); let client = Client::new(rocket).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/owned") .options("/owned")
@ -412,13 +403,13 @@ fn cors_options_owned_check() {
fn cors_get_owned_check() { fn cors_get_owned_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/owned").header(origin_header).header( let req = client
authorization, .get("/owned")
); .header(origin_header)
.header(authorization);
let mut response = req.dispatch(); let mut response = req.dispatch();
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());

98
tests/mix.rs
View File

@ -11,11 +11,11 @@ extern crate rocket_cors;
use std::str::FromStr; use std::str::FromStr;
use rocket::http::{Method, Header, Status}; use rocket::http::{Header, Method, Status};
use rocket::local::Client; use rocket::local::Client;
use rocket::response::Responder; use rocket::response::Responder;
use rocket_cors::{Cors, Guard, AllowedOrigins, AllowedHeaders}; use rocket_cors::{AllowedHeaders, AllowedOrigins, Cors, Guard};
/// The "usual" app route /// The "usual" app route
#[get("/")] #[get("/")]
@ -82,15 +82,14 @@ fn smoke_test() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
// `Options` pre-flight checks // `Options` pre-flight checks
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -102,9 +101,8 @@ fn smoke_test() {
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
// "Actual" request // "Actual" request
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -124,15 +122,14 @@ fn smoke_test() {
fn cors_options_check() { fn cors_options_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -154,9 +151,8 @@ fn cors_options_check() {
fn cors_get_check() { fn cors_get_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -190,15 +186,14 @@ fn cors_get_no_origin() {
fn cors_options_bad_origin() { fn cors_options_bad_origin() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -217,13 +212,14 @@ fn cors_options_missing_origin() {
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client.options("/").header(method_header).header( let req = client
request_headers, .options("/")
); .header(method_header)
.header(request_headers);
let response = req.dispatch(); let response = req.dispatch();
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
@ -239,15 +235,14 @@ fn cors_options_missing_origin() {
fn cors_options_bad_request_method() { fn cors_options_bad_request_method() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Post, hyper::method::Method::Post,
)); ));
let request_headers = hyper::header::AccessControlRequestHeaders( let request_headers = hyper::header::AccessControlRequestHeaders(vec![
vec![FromStr::from_str("Authorization").unwrap()], FromStr::from_str("Authorization").unwrap(),
); ]);
let request_headers = Header::from(request_headers); let request_headers = Header::from(request_headers);
let req = client let req = client
.options("/") .options("/")
@ -269,9 +264,8 @@ fn cors_options_bad_request_method() {
fn cors_options_bad_request_header() { fn cors_options_bad_request_header() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.acme.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.acme.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
@ -298,9 +292,8 @@ fn cors_options_bad_request_header() {
fn cors_get_bad_origin() { fn cors_get_bad_origin() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.bad-origin.com").unwrap());
);
let authorization = Header::new("Authorization", "let me in"); let authorization = Header::new("Authorization", "let me in");
let req = client.get("/").header(origin_header).header(authorization); let req = client.get("/").header(origin_header).header(authorization);
@ -319,16 +312,16 @@ fn cors_get_bad_origin() {
fn cors_options_ping_check() { fn cors_options_ping_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let method_header = Header::from(hyper::header::AccessControlRequestMethod( let method_header = Header::from(hyper::header::AccessControlRequestMethod(
hyper::method::Method::Get, hyper::method::Method::Get,
)); ));
let req = client.options("/ping").header(origin_header).header( let req = client
method_header, .options("/ping")
); .header(origin_header)
.header(method_header);
let response = req.dispatch(); let response = req.dispatch();
assert!(response.status().class().is_success()); assert!(response.status().class().is_success());
@ -345,9 +338,8 @@ fn cors_options_ping_check() {
fn cors_get_ping_check() { fn cors_get_ping_check() {
let client = Client::new(rocket()).unwrap(); let client = Client::new(rocket()).unwrap();
let origin_header = Header::from( let origin_header =
hyper::header::Origin::from_str("https://www.example.com").unwrap(), Header::from(hyper::header::Origin::from_str("https://www.example.com").unwrap());
);
let req = client.get("/ping").header(origin_header); let req = client.get("/ping").header(origin_header);