2016-07-19 11:19:05 -05:00
|
|
|
<?php
|
|
|
|
namespace ShlinkioTest\Shlink\Rest\Middleware;
|
|
|
|
|
|
|
|
use PHPUnit_Framework_TestCase as TestCase;
|
|
|
|
use Shlinkio\Shlink\Rest\Middleware\CrossDomainMiddleware;
|
|
|
|
use Zend\Diactoros\Response;
|
|
|
|
use Zend\Diactoros\ServerRequestFactory;
|
|
|
|
|
|
|
|
class CrossDomainMiddlewareTest extends TestCase
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* @var CrossDomainMiddleware
|
|
|
|
*/
|
|
|
|
protected $middleware;
|
|
|
|
|
|
|
|
public function setUp()
|
|
|
|
{
|
|
|
|
$this->middleware = new CrossDomainMiddleware();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
2016-07-19 13:20:18 -05:00
|
|
|
public function nonCrossDomainRequestsAreNotAffected()
|
2016-07-19 11:19:05 -05:00
|
|
|
{
|
2016-07-19 13:20:18 -05:00
|
|
|
$originalResponse = new Response();
|
2016-07-19 11:19:05 -05:00
|
|
|
$response = $this->middleware->__invoke(
|
|
|
|
ServerRequestFactory::fromGlobals(),
|
2016-07-19 13:20:18 -05:00
|
|
|
$originalResponse,
|
|
|
|
function ($req, $resp) {
|
|
|
|
return $resp;
|
|
|
|
}
|
|
|
|
);
|
|
|
|
$this->assertSame($originalResponse, $response);
|
|
|
|
|
|
|
|
$headers = $response->getHeaders();
|
|
|
|
$this->assertArrayNotHasKey('Access-Control-Allow-Origin', $headers);
|
|
|
|
$this->assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function anyRequestIncludesTheAllowAccessHeader()
|
|
|
|
{
|
|
|
|
$originalResponse = new Response();
|
|
|
|
$response = $this->middleware->__invoke(
|
|
|
|
ServerRequestFactory::fromGlobals()->withHeader('Origin', 'local'),
|
|
|
|
$originalResponse,
|
2016-07-19 11:19:05 -05:00
|
|
|
function ($req, $resp) {
|
|
|
|
return $resp;
|
|
|
|
}
|
|
|
|
);
|
2016-07-19 13:20:18 -05:00
|
|
|
$this->assertNotSame($originalResponse, $response);
|
2016-07-19 11:19:05 -05:00
|
|
|
|
|
|
|
$headers = $response->getHeaders();
|
|
|
|
$this->assertArrayHasKey('Access-Control-Allow-Origin', $headers);
|
|
|
|
$this->assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @test
|
|
|
|
*/
|
|
|
|
public function optionsRequestIncludesMoreHeaders()
|
|
|
|
{
|
2016-07-19 13:20:18 -05:00
|
|
|
$originalResponse = new Response();
|
|
|
|
$request = ServerRequestFactory::fromGlobals(['REQUEST_METHOD' => 'OPTIONS'])->withHeader('Origin', 'local');
|
2016-07-19 11:19:05 -05:00
|
|
|
|
2016-07-19 13:20:18 -05:00
|
|
|
$response = $this->middleware->__invoke($request, $originalResponse, function ($req, $resp) {
|
2016-07-19 11:19:05 -05:00
|
|
|
return $resp;
|
|
|
|
});
|
2016-07-19 13:20:18 -05:00
|
|
|
$this->assertNotSame($originalResponse, $response);
|
2016-07-19 11:19:05 -05:00
|
|
|
|
|
|
|
$headers = $response->getHeaders();
|
|
|
|
$this->assertArrayHasKey('Access-Control-Allow-Origin', $headers);
|
|
|
|
$this->assertArrayHasKey('Access-Control-Allow-Headers', $headers);
|
|
|
|
}
|
|
|
|
}
|