publics
/
gin-contrib__cors


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151
							package cors

import (
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/gin-gonic/gin"
	"github.com/stretchr/testify/assert"
)

func init() {
	gin.SetMode(gin.TestMode)
}

func performRequest(r http.Handler, method, path string) *httptest.ResponseRecorder {
	req, _ := http.NewRequest(method, path, nil)
	w := httptest.NewRecorder()
	r.ServeHTTP(w, req)
	return w
}

func TestBadConfig(t *testing.T) {
	assert.Panics(t, func() { New(Config{}) })
	assert.Panics(t, func() {
		New(Config{
			AllowAllOrigins: true,
			AllowedOrigins:  []string{"http://google.com"},
		})
	})
	assert.Panics(t, func() {
		New(Config{
			AllowAllOrigins: true,
			AllowOriginFunc: func(origin string) bool { return false },
		})
	})
	assert.Panics(t, func() {
		New(Config{
			AllowedOrigins:  []string{"http://google.com"},
			AllowOriginFunc: func(origin string) bool { return false },
		})
	})
	assert.Panics(t, func() {
		New(Config{
			AllowedOrigins: []string{"google.com"},
		})
	})
}

func TestNormalize(t *testing.T) {
	values := normalize([]string{
		"http-access ", "post", "POST", " poSt  ",
		"HTTP-Access", "",
	})
	assert.Equal(t, values, []string{"Http-Access", "Post", ""})

	values = normalize(nil)
	assert.Nil(t, values)

	values = normalize([]string{})
	assert.Equal(t, values, []string{})
}

func TestGenerateNormalHeaders(t *testing.T) {
	header := generateNormalHeaders(Config{
		AllowAllOrigins: false,
	})
	assert.Contains(t, header.Get("Access-Control-Allow-Origin"), "")
	assert.Contains(t, header.Get("Vary"), "Origin")

	header = generateNormalHeaders(Config{
		AllowAllOrigins: true,
	})
	assert.Contains(t, header.Get("Access-Control-Allow-Origin"), "*")
	assert.Contains(t, header.Get("Vary"), "")

	header = generateNormalHeaders(Config{
		AllowCredentials: true,
	})
	assert.Contains(t, header.Get("Access-Control-Allow-Credentials"), "true")

	header = generateNormalHeaders(Config{
		AllowCredentials: false,
	})
	assert.Contains(t, header.Get("Access-Control-Allow-Credentials"), "")

	header = generateNormalHeaders(Config{
		ExposedHeaders: []string{"x-user", "xpassword"},
	})
	assert.Contains(t, header.Get("Access-Control-Expose-Headers"), "x-user, xpassword")
}

//
// func TestDeny0(t *testing.T) {
// 	called := false
//
// 	router := gin.New()
// 	router.Use(New(Config{
// 		AllowedOrigins: []string{"http://example.com"},
// 	}))
// 	router.GET("/", func(c *gin.Context) {
// 		called = true
// 	})
// 	w := httptest.NewRecorder()
// 	req, _ := http.NewRequest("GET", "/", nil)
// 	req.Header.Set("Origin", "https://example.com")
// 	router.ServeHTTP(w, req)
//
// 	assert.True(t, called)
// 	assert.NotContains(t, w.Header(), "Access-Control")
// }
//
// func TestDenyAbortOnError(t *testing.T) {
// 	called := false
//
// 	router := gin.New()
// 	router.Use(New(Config{
// 		AbortOnError:   true,
// 		AllowedOrigins: []string{"http://example.com"},
// 	}))
// 	router.GET("/", func(c *gin.Context) {
// 		called = true
// 	})
//
// 	w := httptest.NewRecorder()
// 	req, _ := http.NewRequest("GET", "/", nil)
// 	req.Header.Set("Origin", "https://example.com")
// 	router.ServeHTTP(w, req)
//
// 	assert.False(t, called)
// 	assert.NotContains(t, w.Header(), "Access-Control")
// }
//
// func TestDeny2(t *testing.T) {
//
// }
// func TestDeny3(t *testing.T) {
//
// }
//
// func TestPasses0(t *testing.T) {
//
// }
//
// func TestPasses1(t *testing.T) {
//
// }
//
// func TestPasses2(t *testing.T) {
//
// }