def test_cors_xml_with_random_element_order(self): """CORS configuration should allow elements in rule in no particular order""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedHeader>Authorization</AllowedHeader> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedOrigin>*</AllowedOrigin> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, True) self.assertEqual(error, None)
def test_cors_xml_with_namespace(self): test_xml = """ <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedHeader>Authorization</AllowedHeader> </CORSRule> </CORSConfiguration> """ test_xml = remove_namespace(test_xml) valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, True) self.assertEqual(error, None)
def test_cors_xml_with_missing_allowed_origin_element(self): """CORS configuration requires an AllowedOrigin element""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedHeader>Authorization</AllowedHeader> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) expected_error = u'Expecting an element AllowedOrigin, got nothing, line 2' self.assertEqual(valid, False) self.assertEqual(error.message, expected_error)
def test_cors_xml_with_negative_integer_max_age_value(self): """CORS configuration requires the MaxAgeSeconds value to be a non-negative integer""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>-3000</MaxAgeSeconds> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) expected_error = u"Type nonNegativeInteger doesn't allow value '-3000', line 5" self.assertEqual(valid, False) self.assertEqual(error.message, expected_error)
def test_cors_xml_with_multiple_max_age_elements(self): """CORS configuration should not contain multiple MaxAgeSeconds elements per rule""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <MaxAgeSeconds>6000</MaxAgeSeconds> <AllowedHeader>Authorization</AllowedHeader> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) expected_error = u'Extra element MaxAgeSeconds in interleave' self.assertEqual(error.message, expected_error)
def test_cors_xml_with_multiple_allowed_method_elements(self): """CORS configuration should allow multiple AllowedMethod elements in a rule""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedHeader>Authorization</AllowedHeader> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, True) self.assertEqual(error, None)
def test_malformed_cors_xml(self): """CORS configuration validation should surface malformed XML errors""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedHeader>Authorization</AllowedHeader> </CORSRule> </CORSConfiguration """ test_xml = remove_namespace(test_xml) valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, False) self.assertEqual(isinstance(error, etree.XMLSyntaxError), True)
def test_cors_xml_with_multiple_rules(self): """CORS configuration should allow multiple CORSRule elements""" test_xml = """ <CORSConfiguration> <CORSRule> <AllowedOrigin>http://example1.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> <CORSRule> <AllowedOrigin>http://example2.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, True) self.assertEqual(error, None)
def test_cors_xml_with_optional_id_element(self): """CORS configuration should allow an optional ID element per CORS rule""" test_xml = """ <CORSConfiguration> <CORSRule> <ID>my-first-rule</ID> <AllowedOrigin>http://example1.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> <CORSRule> <ID>my-second-rule</ID> <AllowedOrigin>http://example2.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> </CORSConfiguration> """ valid, error = validate_xml(test_xml, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, True) self.assertEqual(error, None)
def test_sample_cors_xml_with_relaxng_schema(self): """The sample CORS configuration provided to the UI should be valid""" valid, error = validate_xml(SAMPLE_CORS_CONFIGURATION, CORS_XML_RELAXNG_SCHEMA) self.assertEqual(valid, True) self.assertEqual(error, None)