def test_allow_credential_wildcard(self, make_cors_client):
client = make_cors_client(falcon.CORSMiddleware(allow_credentials='*'))
client.app.add_route('/', CORSHeaderResource())
res = client.simulate_get(headers={'Origin': 'localhost'})
assert res.headers['Access-Control-Allow-Origin'] == 'localhost'
assert res.headers['Access-Control-Allow-Credentials'] == 'true'
def test_allow_credential_existing_origin(self, make_cors_client):
client = make_cors_client(falcon.CORSMiddleware(allow_credentials='*'))
client.app.add_route('/', CORSHeaderResource())
res = client.simulate_delete(headers={'Origin': 'something'})
assert res.headers['Access-Control-Allow-Origin'] == 'example.com'
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Allow-Credentials'.lower() not in h
def test_expose_headers(self, make_cors_client, attr, exp):
client = make_cors_client(
falcon.CORSMiddleware(expose_headers=attr, allow_credentials=None))
client.app.add_route('/', CORSHeaderResource())
res = client.simulate_get(headers={'Origin': 'something'})
assert res.headers['Access-Control-Allow-Origin'] == '*'
assert res.headers['Access-Control-Expose-Headers'] == exp
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Allow-Credentials'.lower() not in h
def create_app(
is_dev_mode: bool,
allow_origins: Union[str, Tuple[str, ...]],
task: services.TaskService,
) -> App:
if is_dev_mode:
cors_middleware = falcon.CORSMiddleware(allow_origins='*')
else:
cors_middleware = falcon.CORSMiddleware(allow_origins=allow_origins)
middleware = [cors_middleware]
app = App(middleware=middleware, prefix='/api')
app.register(
controller=controllers.TaskController(task=task),
url='',
)
return app
def test_allow_origin_allow_credential(self, make_cors_client):
client = make_cors_client(
falcon.CORSMiddleware(allow_origins='test', allow_credentials='*'))
client.app.add_route('/', CORSHeaderResource())
for origin in ['foo', 'TEST']:
res = client.simulate_get(headers={'Origin': origin})
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Allow-Origin'.lower() not in h
assert 'Access-Control-Allow-Credentials'.lower() not in h
assert 'Access-Control-Expose-Headers'.lower() not in h
res = client.simulate_get(headers={'Origin': 'test'})
assert res.headers['Access-Control-Allow-Origin'] == 'test'
assert res.headers['Access-Control-Allow-Credentials'] == 'true'
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Expose-Headers'.lower() not in h
def test_allow_credential_list_or_str(self, make_cors_client, allow, successOrigin):
client = make_cors_client(falcon.CORSMiddleware(allow_credentials=allow))
client.app.add_route('/', CORSHeaderResource())
for origin in ('foo, bar', 'foobar', 'foo,bar', 'Foo', 'BAR'):
res = client.simulate_get(headers={'Origin': origin})
assert res.headers['Access-Control-Allow-Origin'] == '*'
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Allow-Credentials'.lower() not in h
assert 'Access-Control-Expose-Headers'.lower() not in h
for origin in successOrigin:
res = client.simulate_get(headers={'Origin': origin})
assert res.headers['Access-Control-Allow-Origin'] == origin
assert res.headers['Access-Control-Allow-Credentials'] == 'true'
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Expose-Headers'.lower() not in h
def test_allow_origin(self, make_cors_client, allow, fail_origins, success_origins):
client = make_cors_client(falcon.CORSMiddleware(allow_origins=allow))
client.app.add_route('/', CORSHeaderResource())
for origin in fail_origins:
h = {'Origin': origin} if origin is not None else {}
res = client.simulate_get(headers=h)
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Allow-Origin'.lower() not in h
assert 'Access-Control-Allow-Credentials'.lower() not in h
assert 'Access-Control-Expose-Headers'.lower() not in h
for origin in success_origins:
res = client.simulate_get(headers={'Origin': origin})
assert res.headers['Access-Control-Allow-Origin'] == '*' if allow == '*' else origin
h = dict(res.headers.lower_items()).keys()
assert 'Access-Control-Allow-Credentials'.lower() not in h
assert 'Access-Control-Expose-Headers'.lower() not in h
def test_raises(self):
with pytest.raises(ValueError, match='passed to allow_origins'):
falcon.CORSMiddleware(allow_origins=['*'])
with pytest.raises(ValueError, match='passed to allow_credentials'):
falcon.CORSMiddleware(allow_credentials=['*'])
import falcon
from json import dumps
from src import WeirdText
class EncodeText:
def on_post(self, req, resp):
result = req.media
encoded_text, original_words = WeirdText.encode(result["text"])
resp.text = dumps({
"encoded_text": encoded_text,
"original_words": original_words
})
class DecodeText:
def on_post(self, req, resp):
result = req.media
decoded_text = WeirdText.decode(result["text"],
result["original_words"])
resp.text = dumps({"decoded_text": decoded_text})
app = falcon.App(middleware=falcon.CORSMiddleware(
allow_origins='https://gracious-mcclintock-76e52c.netlify.app',
allow_credentials='*'))
app.add_route('/v1/encode', EncodeText())
app.add_route('/v1/decode', DecodeText())
json_handler = falcon.media.JSONHandler(
loads=ujson.loads, dumps=partial(ujson.dumps, ensure_ascii=False)
)
extra_handlers = {
"application/json": json_handler,
}
app = falcon.App(cors_enable=True)
app.req_options.media_handlers.update(extra_handlers)
app.resp_options.media_handlers.update(extra_handlers)
app.req_options.auto_parse_form_urlencoded = True
app = falcon.App(
middleware=falcon.CORSMiddleware(
allow_origins=_utils.ALLOWED_ORIGINS, allow_credentials=_utils.ALLOWED_ORIGINS
)
)
infer_api = Infer()
res_api = Res()
metrics_api = Metrics()
meta_api = Meta()
health_api = Health()
app.add_route("/infer", infer_api)
app.add_route("/result", res_api)
app.add_route("/metrics", metrics_api)
app.add_route("/meta", meta_api)
app.add_route("/health", health_api)
