zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-10 22:54:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add handling of OPTIONS request to /api namespace

Browse source 
* It allows access from anywhere via wildcard origin
* It sets the timeout to an hour
* It allows all standard HTTP verbs + OPTIONS
This commit is contained in:
Maciej Szlosarczyk 2018-10-16 09:32:49 +03:00
parent c148c7e0c0
commit 58c928226d
No known key found for this signature in database
GPG key ID: 41D62D42D3B0D765
4 changed files with 51 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

21
test/integration/api/registrant/registrant_api_cors_headers_test.rb Normal file
View file

@ -0,0 +1,21 @@
require 'test_helper'
class RegistrantApiCorsHeadersTest < ApplicationIntegrationTest
def test_returns_200_response_code_for_options_request
options '/api/v1/registrant/auth/eid', {}
assert_equal('200', response.code)
end
def test_returns_expected_headers_for_options_requests
options '/api/v1/registrant/auth/eid', {}, { 'Origin' => 'https://example.com' }
assert_equal('*', response.headers['Access-Control-Allow-Origin'])
assert_equal('POST, GET, PUT, PATCH, DELETE, OPTIONS',
response.headers['Access-Control-Allow-Methods'])
assert_equal('Origin, Content-Type, Accept, Authorization, Token, Auth-Token, Email, ' \
'X-User-Token, X-User-Email',
response.headers['Access-Control-Allow-Headers'])
assert_equal('3600', response.headers['Access-Control-Max-Age'])
end
end