Skip to main content
aboutsummaryrefslogtreecommitdiffstats
path: root/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java')
-rw-r--r--jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java60
1 files changed, 58 insertions, 2 deletions
diff --git a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java
index f607a98a32..85e45b3545 100644
--- a/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java
+++ b/jetty-servlets/src/test/java/org/eclipse/jetty/servlets/CrossOriginFilterTest.java
@@ -173,7 +173,7 @@ public class CrossOriginFilterTest
}
@Test
- public void testSimpleRequestWithMatchingOrigin() throws Exception
+ public void testSimpleRequestWithMatchingOriginAndWithoutTimingOrigin() throws Exception
{
FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
String origin = "http://localhost";
@@ -193,11 +193,67 @@ public class CrossOriginFilterTest
Assert.assertTrue(response.contains("HTTP/1.1 200"));
Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER));
Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER));
+ Assert.assertFalse(response.contains(CrossOriginFilter.TIMING_ALLOW_ORIGIN_HEADER));
Assert.assertTrue(response.contains("Vary"));
Assert.assertTrue(latch.await(1, TimeUnit.SECONDS));
}
@Test
+ public void testSimpleRequestWithMatchingOriginAndNonMatchingTimingOrigin() throws Exception
+ {
+ FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
+ String origin = "http://localhost";
+ String timingOrigin = "http://127.0.0.1";
+ filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, origin);
+ filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_TIMING_ORIGINS_PARAM, timingOrigin);
+ tester.getContext().addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
+
+ CountDownLatch latch = new CountDownLatch(1);
+ tester.getContext().addServlet(new ServletHolder(new ResourceServlet(latch)), "/*");
+
+ String request = "" +
+ "GET / HTTP/1.1\r\n" +
+ "Host: localhost\r\n" +
+ "Connection: close\r\n" +
+ "Origin: " + origin + "\r\n" +
+ "\r\n";
+ String response = tester.getResponses(request);
+ Assert.assertTrue(response.contains("HTTP/1.1 200"));
+ Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER));
+ Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER));
+ Assert.assertFalse(response.contains(CrossOriginFilter.TIMING_ALLOW_ORIGIN_HEADER));
+ Assert.assertTrue(response.contains("Vary"));
+ Assert.assertTrue(latch.await(1, TimeUnit.SECONDS));
+ }
+
+ @Test
+ public void testSimpleRequestWithMatchingOriginAndMatchingTimingOrigin() throws Exception
+ {
+ FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
+ String origin = "http://localhost";
+ filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, origin);
+ filterHolder.setInitParameter(CrossOriginFilter.ALLOWED_TIMING_ORIGINS_PARAM, origin);
+ tester.getContext().addFilter(filterHolder, "/*", EnumSet.of(DispatcherType.REQUEST));
+
+ CountDownLatch latch = new CountDownLatch(1);
+ tester.getContext().addServlet(new ServletHolder(new ResourceServlet(latch)), "/*");
+
+ String request = "" +
+ "GET / HTTP/1.1\r\n" +
+ "Host: localhost\r\n" +
+ "Connection: close\r\n" +
+ "Origin: " + origin + "\r\n" +
+ "\r\n";
+ String response = tester.getResponses(request);
+ Assert.assertTrue(response.contains("HTTP/1.1 200"));
+ Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER));
+ Assert.assertTrue(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER));
+ Assert.assertTrue(response.contains(CrossOriginFilter.TIMING_ALLOW_ORIGIN_HEADER));
+ Assert.assertTrue(response.contains("Vary"));
+ Assert.assertTrue(latch.await(1, TimeUnit.SECONDS));
+ }
+
+ @Test
public void testSimpleRequestWithMatchingMultipleOrigins() throws Exception
{
FilterHolder filterHolder = new FilterHolder(new CrossOriginFilter());
@@ -455,7 +511,7 @@ public class CrossOriginFilterTest
"Upgrade: WebSocket\r\n" +
"Origin: http://localhost\r\n" +
"\r\n";
- String response = tester.getResponses(request);
+ String response = tester.getResponses(request,1,TimeUnit.SECONDS);
Assert.assertTrue(response.contains("HTTP/1.1 200"));
Assert.assertFalse(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER));
Assert.assertFalse(response.contains(CrossOriginFilter.ACCESS_CONTROL_ALLOW_CREDENTIALS_HEADER));

Back to the top