def test_response_access_control() -> None:
updated = False
def on_update(_: HeaderSet) -> None:
nonlocal updated
updated = True
access_control = ResponseAccessControl.from_headers(
'true',
'Cookie, X-Special',
'GET, POST',
'*',
'Set-Cookie',
'5',
on_update,
)
assert access_control.allow_credentials
assert access_control.allow_headers == {'Cookie', 'X-Special'}
assert access_control.allow_methods == {'GET', 'POST'}
assert access_control.allow_origin == {'*'}
assert access_control.expose_headers == {'Set-Cookie'}
assert access_control.max_age == 5
access_control.allow_methods.add('DELETE')
access_control.allow_origin = HeaderSet(['https://quart.com'])
assert updated
assert access_control.allow_methods == {'GET', 'POST', 'DELETE'}
assert access_control.allow_origin == {'https://quart.com'}
def test_response_access_control() -> None:
updated = False
def on_update(_: HeaderSet) -> None:
nonlocal updated
updated = True
access_control = ResponseAccessControl.from_headers(
"true", "Cookie, X-Special", "GET, POST", "*", "Set-Cookie", "5",
on_update)
assert access_control.allow_credentials
assert access_control.allow_headers == {"Cookie", "X-Special"}
assert access_control.allow_methods == {"GET", "POST"}
assert access_control.allow_origin == {"*"}
assert access_control.expose_headers == {"Set-Cookie"}
assert access_control.max_age == 5.0
access_control.allow_methods.add("DELETE")
access_control.allow_origin = HeaderSet(["https://quart.com"])
assert updated
assert access_control.allow_methods == {"GET", "POST", "DELETE"}
assert access_control.allow_origin == {"https://quart.com"}