UNPKG

@furystack/rest-service

Version:

Repository implementation for FuryStack

github.com/furystack/furystack

furystack/furystack

97 lines 4.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
import { describe, expect, it, vi } from 'vitest'; import { addCorsHeaders } from './add-cors-header.js'; describe('AddCorsHeaders', () => { it('Should NOT add headers for non-cross-site requests', () => { const req = { headers: { origin: 'http://localhost/', host: 'http://localhost' }, }; const resp = { setHeader: vi.fn(), }; addCorsHeaders({ origins: ['https://google.com'], credentials: true, headers: ['my-custom-header', 'header-2'], }, req, resp); expect(resp.setHeader).not.toBeCalled(); }); it('Should NOT add headers for not-enabled hosts', () => { const req = { headers: { origin: 'http://localhost/', host: 'http://google.com' }, }; const resp = { setHeader: vi.fn(), }; addCorsHeaders({ origins: ['https://github.com'], credentials: true, headers: ['my-custom-header', 'header-2'], }, req, resp); expect(resp.setHeader).not.toBeCalled(); }); it('Should add allow-origin header for enabled hosts', () => { const req = { headers: { origin: 'http://localhost/', host: 'http://github.com' }, }; const resp = { setHeader: vi.fn(), }; addCorsHeaders({ origins: ['http://localhost/'], }, req, resp); expect(resp.setHeader).toBeCalledTimes(1); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Origin', 'http://localhost/'); }); it('Should add allow-credentials header if enabled', () => { const req = { headers: { origin: 'http://localhost/', host: 'http://github.com' }, }; const resp = { setHeader: vi.fn(), }; addCorsHeaders({ origins: ['http://localhost/'], credentials: true, // headers: ['my-custom-header', 'header-2'], // methods: ['DELETE', 'GET', 'POST', 'PUT', 'PATCH'], }, req, resp); expect(resp.setHeader).toBeCalledTimes(2); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Origin', 'http://localhost/'); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Credentials', 'true'); // expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Headers', 'my-custom-header, header-2') // expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Methods', 'DELETE, GET, POST, PUT, PATCH') }); it('Should add allow-headers header if enabled', () => { const req = { headers: { origin: 'http://localhost/', host: 'http://github.com' }, }; const resp = { setHeader: vi.fn(), }; addCorsHeaders({ origins: ['http://localhost/'], headers: ['my-custom-header', 'header-2'], // methods: ['DELETE', 'GET', 'POST', 'PUT', 'PATCH'], }, req, resp); expect(resp.setHeader).toBeCalledTimes(2); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Origin', 'http://localhost/'); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Headers', 'my-custom-header, header-2'); // expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Methods', 'DELETE, GET, POST, PUT, PATCH') }); it('Should add allow-methods header if enabled', () => { const req = { headers: { origin: 'http://localhost/', host: 'http://github.com' }, }; const resp = { setHeader: vi.fn(), }; addCorsHeaders({ origins: ['http://localhost/'], methods: ['DELETE', 'GET', 'POST', 'PUT', 'PATCH'], }, req, resp); expect(resp.setHeader).toBeCalledTimes(2); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Origin', 'http://localhost/'); expect(resp.setHeader).toBeCalledWith('Access-Control-Allow-Methods', 'DELETE, GET, POST, PUT, PATCH'); }); }); //# sourceMappingURL=add-cors-header.spec.js.map