tile38/tests/proto_test.go

57 lines
1.7 KiB
Go
Raw Normal View History

2024-05-07 07:59:32 +03:00
package tests
import (
"fmt"
"net/http"
)
func subTestProto(g *testGroup) {
g.regSubTest("HTTP CORS", proto_HTTP_CORS_test)
}
func proto_HTTP_CORS_test(mc *mockServer) error {
// Make CORS request for GET /SERVER
morigin := "http://my-test-origin"
url := fmt.Sprintf("http://127.0.0.1:%d/SERVER", mc.port)
req, err := http.NewRequest(http.MethodOptions, url, nil)
if err != nil {
return err
}
req.Header.Add("Origin", morigin)
req.Header.Add("Access-Control-Request-Method", "GET")
req.Header.Add("Access-Control-Request-Headers", "Authorization")
resp, err := http.DefaultClient.Do(req)
// Validate CORS response
if err != nil {
return err
}
if resp.StatusCode != 204 {
return fmt.Errorf("expected http stuats '204', got '%d'", resp.StatusCode)
}
origin := resp.Header.Get("Access-Control-Allow-Origin")
methods := resp.Header.Get("Access-Control-Allow-Methods")
headers := resp.Header.Get("Access-Control-Allow-Headers")
2024-05-07 07:59:32 +03:00
if !(origin == "*" || origin == morigin) {
return fmt.Errorf("expected http access-control-allow-origin value '*', got '%s'", origin)
}
if methods != "POST, GET, OPTIONS" {
return fmt.Errorf("expected http access-control-allow-Methods value 'POST, GET, OPTIONS', got '%s'", methods)
}
if headers != "*, Authorization" {
return fmt.Errorf("expected http access-control-allow-headers value '*, Authorization', got '%s'", headers)
}
2024-05-07 07:59:32 +03:00
// Make the actual request now
resp, err = http.Get(url)
if err != nil {
return err
}
origin = resp.Header.Get("Access-Control-Allow-Origin")
if !(origin == "*" || origin == morigin) {
return fmt.Errorf("expected http access-control-allow-origin value '*', got '%s'", origin)
}
return nil
}