def test_allow_credentials_setup_valid():
    """Building a credentialed policy with one explicit origin rule succeeds."""
    # NOTE(review): the rule text has no scheme, while a browser's Origin
    # header value carries one. This test only checks construction, not matching.
    origins = [OriginRule(rule='website.com')]
    policy = Policy(
        name='policy1',
        allow_credentials=True,
        allow_origin=origins,
    )
    assert policy
def test_preflight_headers_disallow_credentials_no_request():
    """Preflight leaves out the allow-credentials header when it is not requested.

    The policy itself permits credentials and the origin matches its rule, so
    the header's absence is tied to the call not passing request_credentials.
    """
    origin = 'http://website.com'
    policy = Policy(
        name='policy1',
        allow_credentials=True,
        allow_origin=[OriginRule(rule=origin)],
    )
    # request_credentials is deliberately not passed here.
    headers = policy.preflight_response_headers(origin)
    assert Policy.ACCESS_CONTROL_ALLOW_CREDENTIALS not in headers
def test_preflight_headers_no_max_age(): policy = Policy(name='policy1') rv = policy.preflight_response_headers('http://website.com') assert Policy.ACCESS_CONTROL_MAX_AGE not in rv def test_preflight_headers_max_age(): max_age = 60 * 60 policy = Policy(name='policy1', max_age=max_age) rv = policy.preflight_response_headers('http://website.com') assert rv[Policy.ACCESS_CONTROL_MAX_AGE] == max_age @pytest.mark.parametrize('rule', [ OriginRule(rule='http://my.website.com'), OriginRule(rule='http://??.website.com', kind=RuleKind.PATH), OriginRule(rule=r'^http://\S{2}\.website\.com$', kind=RuleKind.REGEX) ], ids=['str', 'path', 'regex']) def test_preflight_headers_allow_credentials(rule): policy = Policy(name='policy1', allow_credentials=True, allow_origin=[rule]) rv = policy.preflight_response_headers('http://my.website.com', request_credentials=True) assert rv[Policy.ACCESS_CONTROL_ALLOW_CREDENTIALS] == 'true' def test_preflight_headers_disallow_credentials_no_request(): policy = Policy(
def test_regex_disallow_singlechar(test):
    """A REGEX rule with one non-space character after ``test`` rejects the origin.

    ``test`` is supplied by a parametrization that is not visible in this
    excerpt; every supplied value is expected to be refused (``None``).
    """
    domain = 'website.com'
    origin_rule = OriginRule(
        rule=r'^test\S\.website\.com$',
        kind=RuleKind.REGEX,
    )
    # Rule and request are both written without a scheme in this test.
    requested_origin = f'{test}.{domain}'
    verdict = origin_rule.allow_origin(requested_origin)
    assert verdict is None
def test_null_str_allowed():
    """A STR rule spelled ``null`` allows the literal ``null`` origin."""
    # 'null' is the Origin value sent for opaque origins, so a rule that
    # allows it should be an explicit, deliberate configuration choice.
    requested_origin = 'null'
    origin_rule = OriginRule(rule='null', kind=RuleKind.STR)
    allowed = origin_rule.allow_origin(requested_origin)
    assert allowed == requested_origin
def test_path_allow_range_incl(test):
    """A PATH rule with the character set ``[1y]`` allows the parametrized host.

    ``test`` comes from a parametrization outside this excerpt; the allowed
    value returned must equal the requested origin.
    """
    domain = 'website.com'
    origin_rule = OriginRule(
        rule=f'http://test[1y].{domain}',
        kind=RuleKind.PATH,
    )
    requested_origin = f'http://{test}.{domain}'
    allowed = origin_rule.allow_origin(requested_origin)
    assert allowed == requested_origin
def test_path_disallow_range_excl(test):
    """A PATH rule with the negated set ``[!1y]`` refuses the parametrized host.

    ``test`` comes from a parametrization outside this excerpt.
    """
    domain = 'website.com'
    origin_rule = OriginRule(
        rule=f'http://test[!1y].{domain}',
        kind=RuleKind.PATH,
    )
    # NOTE(review): the request is built without the 'http://' prefix that
    # the rule carries (the sibling PATH tests include it). Unless the
    # parametrized value supplies the scheme, this origin cannot match the
    # rule for any character, so the negated set is not exercised - confirm.
    requested_origin = f'{test}.{domain}'
    verdict = origin_rule.allow_origin(requested_origin)
    assert verdict is None
def test_path_disallow_singlechar(test):
    """A PATH rule with a single ``?`` wildcard refuses the parametrized host.

    ``test`` comes from a parametrization outside this excerpt; each value is
    expected to fall outside what the one-character wildcard accepts.
    """
    domain = 'website.com'
    origin_rule = OriginRule(
        rule=f'http://test?.{domain}',
        kind=RuleKind.PATH,
    )
    requested_origin = f'http://{test}.{domain}'
    verdict = origin_rule.allow_origin(requested_origin)
    assert verdict is None
def test_default_create():
    """An OriginRule created without ``kind`` defaults to ``RuleKind.STR``."""
    # The wildcard '*' is therefore handled as a plain string rule by default.
    wildcard_rule = OriginRule(rule='*')
    assert wildcard_rule.kind == RuleKind.STR
def test_invalid_path_rule_open_ended(rule):
    """Open-ended PATH rules are rejected at construction with InsecureRule.

    ``rule`` comes from a parametrization outside this excerpt. The raised
    exception must mention 'open ended' and carry the offending rule text.
    """
    with pytest.raises(InsecureRule, match='open ended') as excinfo:
        OriginRule(rule=rule, kind=RuleKind.PATH)

    # Checked after the block: code placed after the raising call inside the
    # ``with`` body would never run.
    assert excinfo.value.rule == rule
def test_path_disallow_star(test):
    """A PATH rule containing ``*`` does not allow the parametrized origins.

    Here ``test`` is the complete request origin, supplied by a
    parametrization outside this excerpt.
    """
    star_rule = OriginRule(rule='http://*.website.com', kind=RuleKind.PATH)
    verdict = star_rule.allow_origin(test)
    assert verdict is None
def test_invalid_regex_rule_too_broad(rule):
    """Overly broad REGEX rules are rejected at construction with InsecureRule.

    ``rule`` comes from a parametrization outside this excerpt. The raised
    exception must mention 'too broad' and carry the offending rule text.
    """
    with pytest.raises(InsecureRule, match='too broad') as excinfo:
        OriginRule(rule=rule, kind=RuleKind.REGEX)

    # Checked after the block so the assertion actually executes.
    assert excinfo.value.rule == rule
def test_invalid_regex_rule_partial_regex(rule):
    """Partial-match REGEX rules are rejected at construction with InsecureRule.

    ``rule`` comes from a parametrization outside this excerpt. The raised
    exception must mention 'partial match regex' and carry the offending rule.
    """
    with pytest.raises(InsecureRule, match='partial match regex') as excinfo:
        OriginRule(rule=rule, kind=RuleKind.REGEX)

    # Checked after the block so the assertion actually executes.
    assert excinfo.value.rule == rule
def test_str(allow):
    """A default-kind rule answers with its own rule text for an unrelated origin.

    ``allow`` comes from a parametrization outside this excerpt. The request
    origin 'dummy.net' is not echoed back; the rule's own value is returned.
    """
    origin_rule = OriginRule(rule=allow)
    answer = origin_rule.allow_origin('dummy.net')
    assert answer == origin_rule.rule
def test_null_regex_not_allowed():
    """A REGEX rule that would match ``null`` still refuses the ``null`` origin."""
    # Even an anchored pattern spelling out 'null' must not admit that origin.
    requested_origin = 'null'
    origin_rule = OriginRule(rule='^null$', kind=RuleKind.REGEX)
    verdict = origin_rule.allow_origin(requested_origin)
    assert verdict is None
def test_null_path_not_allowed():
    """A PATH rule spelled ``null`` refuses the ``null`` origin."""
    # A pattern-kind rule must not admit the 'null' origin, even when the
    # rule text is literally 'null'.
    requested_origin = 'null'
    origin_rule = OriginRule(rule='null', kind=RuleKind.PATH)
    verdict = origin_rule.allow_origin(requested_origin)
    assert verdict is None