diff --git a/package.json b/package.json index 83fe263..76fd6ee 100644 --- a/package.json +++ b/package.json @@ -36,13 +36,13 @@ "@typescript-eslint/eslint-plugin": "^1.12.0", "@typescript-eslint/parser": "^1.12.0", "cors": "^2.8.5", - "fastify": "^2.0.0", + "fastify": "^2.8.0", "standard": "^14.0.2", "tap": "^12.6.5", "typescript": "^3.5.3" }, "dependencies": { - "fastify-plugin": "^1.5.0", + "fastify-plugin": "^1.6.0", "vary": "^1.1.2" }, "greenkeeper": { diff --git a/test/cors.test.js b/test/cors.test.js index 60611d9..0ba2db2 100644 --- a/test/cors.test.js +++ b/test/cors.test.js @@ -22,13 +22,12 @@ test('Should shortcircuits preflight requests', t => { delete res.headers.date t.strictEqual(res.statusCode, 204) t.strictEqual(res.payload, '') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': '*', 'access-control-allow-methods': 'GET,HEAD,PUT,PATCH,POST,DELETE', vary: 'Access-Control-Request-Headers', - 'content-length': '0', - connection: 'keep-alive' - }, res.headers) + 'content-length': '0' + }) }) }) @@ -50,13 +49,12 @@ test('Should shortcircuits preflight requests with custom status code', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, '') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': '*', 'access-control-allow-methods': 'GET,HEAD,PUT,PATCH,POST,DELETE', vary: 'Access-Control-Request-Headers', - 'content-length': '0', - connection: 'keep-alive' - }, res.headers) + 'content-length': '0' + }) }) }) @@ -78,14 +76,11 @@ test('Should not shortcircuits preflight requests with preflightContinue', t => delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': '*', 'access-control-allow-methods': 'GET,HEAD,PUT,PATCH,POST,DELETE', - vary: 'Access-Control-Request-Headers', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + vary: 'Access-Control-Request-Headers' + }) }) }) @@ -103,13 +98,12 @@ test('Should create a options wildcard', t => { delete res.headers.date t.strictEqual(res.statusCode, 204) t.strictEqual(res.payload, '') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': '*', 'access-control-allow-methods': 'GET,HEAD,PUT,PATCH,POST,DELETE', vary: 'Access-Control-Request-Headers', - 'content-length': '0', - connection: 'keep-alive' - }, res.headers) + 'content-length': '0' + }) }) }) @@ -138,13 +132,12 @@ test('Should create a options wildcard (with prefix)', t => { delete res.headers.date t.strictEqual(res.statusCode, 204) t.strictEqual(res.payload, '') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': '*', 'access-control-allow-methods': 'GET,HEAD,PUT,PATCH,POST,DELETE', vary: 'Access-Control-Request-Headers', - 'content-length': '0', - connection: 'keep-alive' - }, res.headers) + 'content-length': '0' + }) }) }) @@ -166,12 +159,9 @@ test('Should add cors headers', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ - 'access-control-allow-origin': '*', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + t.match(res.headers, { + 'access-control-allow-origin': '*' + }) }) }) @@ -200,7 +190,7 @@ test('Should add cors headers (custom values)', t => { delete res.headers.date t.strictEqual(res.statusCode, 204) t.strictEqual(res.payload, '') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': 'example.com', vary: 'Origin', 'access-control-allow-credentials': 'true', @@ -208,9 +198,8 @@ test('Should add cors headers (custom values)', t => { 'access-control-allow-methods': 'GET', 'access-control-allow-headers': 'baz, woo', 'access-control-max-age': '123', - 'content-length': '0', - connection: 'keep-alive' - }, res.headers) + 'content-length': '0' + }) }) fastify.inject({ @@ -221,15 +210,13 @@ test('Should add cors headers (custom values)', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': 'example.com', vary: 'Origin', 'access-control-allow-credentials': 'true', 'access-control-expose-headers': 'foo, bar', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + 'content-length': '2' + }) }) }) @@ -257,13 +244,10 @@ test('Dynamic origin resolution (valid origin)', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': 'example.com', - vary: 'Origin', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + vary: 'Origin' + }) }) }) @@ -290,11 +274,11 @@ test('Dynamic origin resolution (not valid origin)', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.deepEqual(res.headers, { 'content-length': '2', 'content-type': 'text/plain; charset=utf-8', connection: 'keep-alive' - }, res.headers) + }) }) }) @@ -347,13 +331,10 @@ test('Dynamic origin resolution (valid origin - promises)', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': 'example.com', - vary: 'Origin', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + vary: 'Origin' + }) }) }) @@ -382,11 +363,11 @@ test('Dynamic origin resolution (not valid origin - promises)', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.deepEqual(res.headers, { 'content-length': '2', 'content-type': 'text/plain; charset=utf-8', connection: 'keep-alive' - }, res.headers) + }) }) }) @@ -441,10 +422,10 @@ test('Should not add cors headers when origin is false', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, '') - t.deepEqual({ + t.deepEqual(res.headers, { 'content-length': '0', connection: 'keep-alive' - }, res.headers) + }) }) fastify.inject({ @@ -455,11 +436,11 @@ test('Should not add cors headers when origin is false', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.deepEqual(res.headers, { 'content-length': '2', 'content-type': 'text/plain; charset=utf-8', connection: 'keep-alive' - }, res.headers) + }) }) }) @@ -482,13 +463,10 @@ test('Allow only request from a specifc origin', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ + t.match(res.headers, { 'access-control-allow-origin': 'other.io', - vary: 'Origin', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + vary: 'Origin' + }) }) }) @@ -509,12 +487,9 @@ test('Disable preflight', t => { t.error(err) delete res.headers.date t.strictEqual(res.statusCode, 404) - t.deepEqual({ - 'access-control-allow-origin': '*', - 'content-length': '60', - 'content-type': 'application/json; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + t.match(res.headers, { + 'access-control-allow-origin': '*' + }) }) fastify.inject({ @@ -525,11 +500,8 @@ test('Disable preflight', t => { delete res.headers.date t.strictEqual(res.statusCode, 200) t.strictEqual(res.payload, 'ok') - t.deepEqual({ - 'access-control-allow-origin': '*', - 'content-length': '2', - 'content-type': 'text/plain; charset=utf-8', - connection: 'keep-alive' - }, res.headers) + t.match(res.headers, { + 'access-control-allow-origin': '*' + }) }) })