diff options
Diffstat (limited to 'jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java')
-rw-r--r-- | jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java | 60 |
1 files changed, 58 insertions, 2 deletions
diff --git a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java index f607a98a32..85e45b3545 100644 --- a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java +++ b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java @@ -173,7 +173,7 @@ public class CrossOriginFilterTest } @Test - public void testSimpleRequestWithMatchingOrigin() throws Exception + public void testSimpleRequestWithMatchingOriginAndWithoutTimingOrigin() throws Exception { FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter()); String origin = "http://localhost"; @@ -193,11 +193,67 @@ public class CrossOriginFilterTest Assert.assertTrue(response.contains("HTTP/1.1 200")); Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER)); Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER)); + Assert.assertFalse(response.contains(CrossOriginFilter.TIMING_ALLOW_ORIGIN_HEADER)); Assert.assertTrue(response.contains("Vary")); Assert.assertTrue(latch.await(1, TimeUnit.SECONDS)); } @Test + public void testSimpleRequestWithMatchingOriginAndNonMatchingTimingOrigin() throws Exception + { + FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter()); + String origin = "http://localhost"; + String timingOrigin = "http://127.0.0.1"; + filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, origin); + filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_TIMING_ORIGINS_PARAM, timingOrigin); + tester.getContext().addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST)); + + CountDownLatch latch = new CountDownLatch(1); + tester.getContext().addServlet(new ServletHolder(new ResourceServlet(latch)), "/*"); + + String request = "" + + "GET / HTTP/1.1\r\n" + + "Host: localhost\r\n" + + "Connection: close\r\n" + + "Origin: " + origin + "\r\n" + + "\r\n"; + String response = tester.getResponses(request); + Assert.assertTrue(response.contains("HTTP/1.1 200")); + Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER)); + Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER)); + Assert.assertFalse(response.contains(CrossOriginFilter.TIMING_ALLOW_ORIGIN_HEADER)); + Assert.assertTrue(response.contains("Vary")); + Assert.assertTrue(latch.await(1, TimeUnit.SECONDS)); + } + + @Test + public void testSimpleRequestWithMatchingOriginAndMatchingTimingOrigin() throws Exception + { + FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter()); + String origin = "http://localhost"; + filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, origin); + filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_TIMING_ORIGINS_PARAM, origin); + tester.getContext().addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST)); + + CountDownLatch latch = new CountDownLatch(1); + tester.getContext().addServlet(new ServletHolder(new ResourceServlet(latch)), "/*"); + + String request = "" + + "GET / HTTP/1.1\r\n" + + "Host: localhost\r\n" + + "Connection: close\r\n" + + "Origin: " + origin + "\r\n" + + "\r\n"; + String response = tester.getResponses(request); + Assert.assertTrue(response.contains("HTTP/1.1 200")); + Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER)); + Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER)); + Assert.assertTrue(response.contains(CrossOriginFilter.TIMING_ALLOW_ORIGIN_HEADER)); + Assert.assertTrue(response.contains("Vary")); + Assert.assertTrue(latch.await(1, TimeUnit.SECONDS)); + } + + @Test public void testSimpleRequestWithMatchingMultipleOrigins() throws Exception { FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter()); @@ -455,7 +511,7 @@ public class CrossOriginFilterTest "Upgrade: WebSocket\r\n" + "Origin: http://localhost\r\n" + "\r\n"; - String response = tester.getResponses(request); + String response = tester.getResponses(request,1,TimeUnit.SECONDS); Assert.assertTrue(response.contains("HTTP/1.1 200")); Assert.assertFalse(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER)); Assert.assertFalse(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER)); |