Esempio n. 1
0
func TestPreflightRequest(t *testing.T) {
	req, _ := http.NewRequest("OPTIONS", "/", nil)
	w := httptest.NewRecorder()

	req.Header.Set(OriginKey, "http://files.testing.com")
	req.Header.Set(RequestMethodKey, "GET")
	req.Header.Set(RequestHeadersKey, "Content-Type")
	req.Header.Set(RequestHeadersKey, "accept")

	router := gin.New()

	router.Use(Middleware(config))

	router.ServeHTTP(w, req)

	if w.Header().Get(AllowMethodsKey) != "GET, POST" {
		t.Fatal("Mismatch of methods.")
	}

	if w.Header().Get(AllowHeadersKey) != "Authorization, Content-Type, Accept" {
		t.Fatal("Mismatch of headers.")
	}

	if w.Header().Get(MaxAgeKey) != "60" {
		t.Fatal("Incorrect max age.")
	}

	if w.Header().Get(AllowOriginKey) != "http://files.testing.com" {
		t.Fatal("Incorrect origin.")
	}

	if w.Header().Get(AllowCredentialsKey) != "true" {
		t.Fatal("Incorrect credentials value")
	}
}
Esempio n. 2
0
func TestForceOrigin(t *testing.T) {
	req, _ := http.NewRequest("GET", "/", nil)
	w := httptest.NewRecorder()

	req.Header.Set("Origin", "http://localhost")

	router := gin.New()
	router.Use(Middleware(config))
	router.ServeHTTP(w, req)

	if w.Header().Get(AllowOriginKey) == "" {
		t.Fatal("Origin always matches, this header should be set.")
	}
}
Esempio n. 3
0
func TestNoOrigin(t *testing.T) {
	req, _ := http.NewRequest("GET", "/", nil)
	w := httptest.NewRecorder()

	router := gin.New()

	router.Use(Middleware(Config{
		Origins: "http://testing.com",
	}))

	router.ServeHTTP(w, req)

	if w.Header().Get(AllowOriginKey) != "" {
		t.Fatal("This should not match.")
	}
}
Esempio n. 4
0
func TestMatchOrigin(t *testing.T) {
	req, _ := http.NewRequest("GET", "/", nil)
	w := httptest.NewRecorder()

	req.Header.Set("Origin", "http://files.testing.com")

	router := gin.New()
	router.Use(Middleware(Config{
		Origins: "http://files.testing.com",
	}))
	router.ServeHTTP(w, req)

	if w.Header().Get(AllowOriginKey) == "" {
		t.Fatal("Origin matches, this header should be set.")
	}
}
Esempio n. 5
0
func TestPreflightMethodMismatch(t *testing.T) {
	req, _ := http.NewRequest("OPTIONS", "/", nil)
	w := httptest.NewRecorder()

	req.Header.Set(OriginKey, "http://files.testing.com")
	req.Header.Set(RequestMethodKey, "PUT")

	router := gin.New()

	router.Use(Middleware(config))

	router.ServeHTTP(w, req)

	if w.Header().Get(AllowOriginKey) != "" {
		t.Fatal("Cors headers should not be set.")
	}
}
Esempio n. 6
0
func ExampleMiddleware() {
	// Initialize the gin-gonic router
	router := gin.New()

	// Set up CORS middleware options
	config := cors.Config{
		Origins:         "*",
		RequestHeaders:  "Authorization",
		Methods:         "GET, POST, PUT",
		Credentials:     true,
		ValidateHeaders: false,
		MaxAge:          1 * time.Minute,
	}

	// Apply the middleware to the router (works on groups too)
	router.Use(cors.Middleware(config))
}
Esempio n. 7
0
func TestGzipPNG(t *testing.T) {
	req, _ := http.NewRequest("GET", "/image.png", nil)
	req.Header.Add("Accept-Encoding", "gzip")

	router := gin.New()
	router.Use(Gzip(DefaultCompression))
	router.GET("/image.png", func(c *gin.Context) {
		c.String(200, "this is a PNG!")
	})

	w := httptest.NewRecorder()
	router.ServeHTTP(w, req)

	assert.Equal(t, w.Code, 200)
	assert.Equal(t, w.Header().Get("Content-Encoding"), "")
	assert.Equal(t, w.Header().Get("Vary"), "")
	assert.Equal(t, w.Body.String(), "this is a PNG!")
}
Esempio n. 8
0
func TestForceOriginCredentails(t *testing.T) {
	req, _ := http.NewRequest("GET", "/", nil)
	w := httptest.NewRecorder()

	req.Header.Set("Origin", "http://localhost")

	router := gin.New()
	router.Use(Middleware(Config{
		Origins:         "http://localhost",
		ValidateHeaders: true,
		Credentials:     false,
		RequestHeaders:  "Authorization, Content-Type, Accept",
		ExposedHeaders:  "Authorization",
		Methods:         "GET, POST",
		MaxAge:          1 * time.Minute,
	}))
	router.ServeHTTP(w, req)

	if w.Header().Get(AllowOriginKey) != "http://localhost" {
		t.Fatal("Improper Origin is set.")
	}
}