def test_allow_credential_wildcard(self, make_cors_client): client = make_cors_client(falcon.CORSMiddleware(allow_credentials='*')) client.app.add_route('/', CORSHeaderResource()) res = client.simulate_get(headers={'Origin': 'localhost'}) assert res.headers['Access-Control-Allow-Origin'] == 'localhost' assert res.headers['Access-Control-Allow-Credentials'] == 'true'
def test_allow_credential_existing_origin(self, make_cors_client): client = make_cors_client(falcon.CORSMiddleware(allow_credentials='*')) client.app.add_route('/', CORSHeaderResource()) res = client.simulate_delete(headers={'Origin': 'something'}) assert res.headers['Access-Control-Allow-Origin'] == 'example.com' h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Allow-Credentials'.lower() not in h
def test_expose_headers(self, make_cors_client, attr, exp): client = make_cors_client( falcon.CORSMiddleware(expose_headers=attr, allow_credentials=None)) client.app.add_route('/', CORSHeaderResource()) res = client.simulate_get(headers={'Origin': 'something'}) assert res.headers['Access-Control-Allow-Origin'] == '*' assert res.headers['Access-Control-Expose-Headers'] == exp h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Allow-Credentials'.lower() not in h
def create_app( is_dev_mode: bool, allow_origins: Union[str, Tuple[str, ...]], task: services.TaskService, ) -> App: if is_dev_mode: cors_middleware = falcon.CORSMiddleware(allow_origins='*') else: cors_middleware = falcon.CORSMiddleware(allow_origins=allow_origins) middleware = [cors_middleware] app = App(middleware=middleware, prefix='/api') app.register( controller=controllers.TaskController(task=task), url='', ) return app
def test_allow_origin_allow_credential(self, make_cors_client): client = make_cors_client( falcon.CORSMiddleware(allow_origins='test', allow_credentials='*')) client.app.add_route('/', CORSHeaderResource()) for origin in ['foo', 'TEST']: res = client.simulate_get(headers={'Origin': origin}) h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Allow-Origin'.lower() not in h assert 'Access-Control-Allow-Credentials'.lower() not in h assert 'Access-Control-Expose-Headers'.lower() not in h res = client.simulate_get(headers={'Origin': 'test'}) assert res.headers['Access-Control-Allow-Origin'] == 'test' assert res.headers['Access-Control-Allow-Credentials'] == 'true' h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Expose-Headers'.lower() not in h
def test_allow_credential_list_or_str(self, make_cors_client, allow, successOrigin): client = make_cors_client(falcon.CORSMiddleware(allow_credentials=allow)) client.app.add_route('/', CORSHeaderResource()) for origin in ('foo, bar', 'foobar', 'foo,bar', 'Foo', 'BAR'): res = client.simulate_get(headers={'Origin': origin}) assert res.headers['Access-Control-Allow-Origin'] == '*' h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Allow-Credentials'.lower() not in h assert 'Access-Control-Expose-Headers'.lower() not in h for origin in successOrigin: res = client.simulate_get(headers={'Origin': origin}) assert res.headers['Access-Control-Allow-Origin'] == origin assert res.headers['Access-Control-Allow-Credentials'] == 'true' h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Expose-Headers'.lower() not in h
def test_allow_origin(self, make_cors_client, allow, fail_origins, success_origins): client = make_cors_client(falcon.CORSMiddleware(allow_origins=allow)) client.app.add_route('/', CORSHeaderResource()) for origin in fail_origins: h = {'Origin': origin} if origin is not None else {} res = client.simulate_get(headers=h) h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Allow-Origin'.lower() not in h assert 'Access-Control-Allow-Credentials'.lower() not in h assert 'Access-Control-Expose-Headers'.lower() not in h for origin in success_origins: res = client.simulate_get(headers={'Origin': origin}) assert res.headers['Access-Control-Allow-Origin'] == '*' if allow == '*' else origin h = dict(res.headers.lower_items()).keys() assert 'Access-Control-Allow-Credentials'.lower() not in h assert 'Access-Control-Expose-Headers'.lower() not in h
def test_raises(self): with pytest.raises(ValueError, match='passed to allow_origins'): falcon.CORSMiddleware(allow_origins=['*']) with pytest.raises(ValueError, match='passed to allow_credentials'): falcon.CORSMiddleware(allow_credentials=['*'])
import falcon from json import dumps from src import WeirdText class EncodeText: def on_post(self, req, resp): result = req.media encoded_text, original_words = WeirdText.encode(result["text"]) resp.text = dumps({ "encoded_text": encoded_text, "original_words": original_words }) class DecodeText: def on_post(self, req, resp): result = req.media decoded_text = WeirdText.decode(result["text"], result["original_words"]) resp.text = dumps({"decoded_text": decoded_text}) app = falcon.App(middleware=falcon.CORSMiddleware( allow_origins='https://gracious-mcclintock-76e52c.netlify.app', allow_credentials='*')) app.add_route('/v1/encode', EncodeText()) app.add_route('/v1/decode', DecodeText())
json_handler = falcon.media.JSONHandler( loads=ujson.loads, dumps=partial(ujson.dumps, ensure_ascii=False) ) extra_handlers = { "application/json": json_handler, } app = falcon.App(cors_enable=True) app.req_options.media_handlers.update(extra_handlers) app.resp_options.media_handlers.update(extra_handlers) app.req_options.auto_parse_form_urlencoded = True app = falcon.App( middleware=falcon.CORSMiddleware( allow_origins=_utils.ALLOWED_ORIGINS, allow_credentials=_utils.ALLOWED_ORIGINS ) ) infer_api = Infer() res_api = Res() metrics_api = Metrics() meta_api = Meta() health_api = Health() app.add_route("/infer", infer_api) app.add_route("/result", res_api) app.add_route("/metrics", metrics_api) app.add_route("/meta", meta_api) app.add_route("/health", health_api)