class TestCORS(amo.tests.TestCase):
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
def test_not_cors(self):
res = self.mware.process_response(self.req, HttpResponse())
assert not res.has_header('Access-Control-Allow-Methods')
def test_cors(self):
self.req.CORS = ['get']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_post(self):
self.req.CORS = ['get', 'post']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Methods'], 'GET, POST, OPTIONS')
eq_(res['Access-Control-Allow-Headers'],
'X-HTTP-Method-Override, Content-Type')
@mock.patch.object(settings, 'FIREPLACE_URL', fireplace_url)
def test_from_fireplace(self):
self.req.CORS = ['get']
self.req.META['HTTP_ORIGIN'] = fireplace_url
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], fireplace_url)
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
eq_(res['Access-Control-Allow-Credentials'], 'true')
class TestCORS(amo.tests.TestCase):
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
def test_not_cors(self):
res = self.mware.process_response(self.req, HttpResponse())
assert not res.has_header('Access-Control-Allow-Methods')
def test_cors(self):
self.req.CORS = ['get']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_post(self):
self.req.CORS = ['get', 'post']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Methods'], 'GET, POST, OPTIONS')
eq_(res['Access-Control-Allow-Headers'],
'X-HTTP-Method-Override, Content-Type')
@mock.patch.object(settings, 'FIREPLACE_URL', fireplace_url)
def test_from_fireplace(self):
self.req.CORS = ['get']
self.req.META['HTTP_ORIGIN'] = fireplace_url
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], fireplace_url)
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
eq_(res['Access-Control-Allow-Credentials'], 'true')
class TestCORS(amo.tests.TestCase):
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get("/")
def test_not_cors(self):
res = self.mware.process_response(self.req, HttpResponse())
assert not res.has_header("Access-Control-Allow-Methods")
def test_cors(self):
self.req.CORS = ["get"]
res = self.mware.process_response(self.req, HttpResponse())
eq_(res["Access-Control-Allow-Origin"], "*")
eq_(res["Access-Control-Allow-Methods"], "GET, OPTIONS")
def test_post(self):
self.req.CORS = ["get", "post"]
res = self.mware.process_response(self.req, HttpResponse())
eq_(res["Access-Control-Allow-Methods"], "GET, POST, OPTIONS")
eq_(res["Access-Control-Allow-Headers"], "X-HTTP-Method-Override, Content-Type")
@mock.patch.object(settings, "FIREPLACE_URL", fireplace_url)
def test_from_fireplace(self):
self.req.CORS = ["get"]
self.req.META["HTTP_ORIGIN"] = fireplace_url
res = self.mware.process_response(self.req, HttpResponse())
eq_(res["Access-Control-Allow-Origin"], fireplace_url)
eq_(res["Access-Control-Allow-Methods"], "GET, OPTIONS")
eq_(res["Access-Control-Allow-Credentials"], "true")
class TestCORS(amo.tests.TestCase):
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
def test_not_cors(self):
res = self.mware.process_response(self.req, HttpResponse())
assert not res.has_header('Access-Control-Allow-Methods')
def test_cors(self):
self.req.CORS = ['get']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_post(self):
self.req.CORS = ['get', 'post']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Methods'], 'GET, POST, OPTIONS')
eq_(res['Access-Control-Allow-Headers'], 'Content-Type')
class TestCORS(mkt.site.tests.TestCase):
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
self.req.API = True
def test_not_cors(self):
res = self.mware.process_response(self.req, HttpResponse())
assert not res.has_header('Access-Control-Allow-Methods')
def test_cors(self):
self.req.CORS = ['get']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_post(self):
self.req.CORS = ['get', 'post']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Methods'], 'GET, POST, OPTIONS')
eq_(res['Access-Control-Allow-Headers'],
'X-HTTP-Method-Override, Content-Type')
def test_custom_request_headers(self):
self.req.CORS_HEADERS = ['X-Something-Weird', 'Content-Type']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Headers'],
'X-Something-Weird, Content-Type')
def test_403_get(self):
resp = HttpResponse()
resp.status_code = 403
res = self.mware.process_response(self.req, resp)
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_500_options(self):
req = RequestFactory().options('/')
req.API = True
resp = HttpResponse()
resp.status_code = 500
res = self.mware.process_response(req, resp)
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'OPTIONS')
def test_redirect_madness(self):
# Because this test is dependent upon the order of middleware in the
# settings file, this does a full request.
res = self.client.get('/api/v1/apps/category')
eq_(res.status_code, 301)
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
class TestCORS(mkt.site.tests.TestCase):
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
self.req.API = True
def test_not_cors(self):
res = self.mware.process_response(self.req, HttpResponse())
assert not res.has_header('Access-Control-Allow-Methods')
def test_cors(self):
self.req.CORS = ['get']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_post(self):
self.req.CORS = ['get', 'post']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Methods'], 'GET, POST, OPTIONS')
eq_(res['Access-Control-Allow-Headers'],
'X-HTTP-Method-Override, Content-Type')
def test_custom_request_headers(self):
self.req.CORS_HEADERS = ['X-Something-Weird', 'Content-Type']
res = self.mware.process_response(self.req, HttpResponse())
eq_(res['Access-Control-Allow-Headers'],
'X-Something-Weird, Content-Type')
def test_403_get(self):
resp = HttpResponse()
resp.status_code = 403
res = self.mware.process_response(self.req, resp)
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def test_500_options(self):
req = RequestFactory().options('/')
req.API = True
resp = HttpResponse()
resp.status_code = 500
res = self.mware.process_response(req, resp)
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'OPTIONS')
def test_redirect_madness(self):
# Because this test is dependent upon the order of middleware in the
# settings file, this does a full request.
res = self.client.get('/api/v1/apps/category')
eq_(res.status_code, 301)
eq_(res['Access-Control-Allow-Origin'], '*')
eq_(res['Access-Control-Allow-Methods'], 'GET, OPTIONS')
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
def setUp(self):
self.mware = CORSMiddleware()
self.req = RequestFactory().get('/')
