Skip to content

Commit

Permalink
Merge pull request #748 from http-party/cors-fix
Browse files Browse the repository at this point in the history
Fix CORS option detection
  • Loading branch information
thornjad authored Oct 13, 2021
2 parents df8c736 + 964725e commit 96aa6e9
Show file tree
Hide file tree
Showing 2 changed files with 119 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/core/opts.js
Original file line number Diff line number Diff line change
Expand Up @@ -118,7 +118,7 @@ module.exports = (opts) => {
});

aliases.cors.forEach((k) => {
if (isDeclared(k) && k) {
if (isDeclared(k) && opts[k]) {
handleOptionsMethod = true;
headers['Access-Control-Allow-Origin'] = '*';
headers['Access-Control-Allow-Headers'] = 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since';
Expand Down
118 changes: 118 additions & 0 deletions test/cors.test.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
'use strict';

const test = require('tap').test;
const server = require('../lib/core');
const http = require('http');
const path = require('path');
const request = require('request');

const root = path.join(__dirname, 'public');

test('cors defaults to false', (t) => {
t.plan(4);

const httpServer = http.createServer(
server({
root,
autoIndex: true,
defaultExt: 'html',
})
);

httpServer.listen(() => {
const port = httpServer.address().port;
const uri = `http://localhost:${port}/subdir/index.html`;

request.get({ uri }, (err, res) => {
t.ifError(err);
t.equal(res.statusCode, 200);
t.type(res.headers['access-control-allow-origin'], 'undefined');
t.type(res.headers['access-control-allow-headers'], 'undefined');
});
});
t.once('end', () => {
httpServer.close();
});
});

test('cors set to false', (t) => {
t.plan(4);

const httpServer = http.createServer(
server({
root,
cors: false,
autoIndex: true,
defaultExt: 'html',
})
);

httpServer.listen(() => {
const port = httpServer.address().port;
const uri = `http://localhost:${port}/subdir/index.html`;

request.get({ uri }, (err, res) => {
t.ifError(err);
t.equal(res.statusCode, 200);
t.type(res.headers['access-control-allow-origin'], 'undefined');
t.type(res.headers['access-control-allow-headers'], 'undefined');
});
});
t.once('end', () => {
httpServer.close();
});
});

test('cors set to true', (t) => {
t.plan(4);

const httpServer = http.createServer(
server({
root,
cors: true,
autoIndex: true,
defaultExt: 'html',
})
);

httpServer.listen(() => {
const port = httpServer.address().port;
const uri = `http://localhost:${port}/subdir/index.html`;
request.get({ uri }, (err, res) => {
t.ifError(err);
t.equal(res.statusCode, 200);
t.equal(res.headers['access-control-allow-origin'], '*');
t.equal(res.headers['access-control-allow-headers'], 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since');
});
});
t.once('end', () => {
httpServer.close();
});
});

test('CORS set to true', (t) => {
t.plan(4);

const httpServer = http.createServer(
server({
root,
CORS: true,
autoIndex: true,
defaultExt: 'html',
})
);

httpServer.listen(() => {
const port = httpServer.address().port;
const uri = `http://localhost:${port}/subdir/index.html`;
request.get({ uri }, (err, res) => {
t.ifError(err);
t.equal(res.statusCode, 200);
t.equal(res.headers['access-control-allow-origin'], '*');
t.equal(res.headers['access-control-allow-headers'], 'Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since');
});
});
t.once('end', () => {
httpServer.close();
});
});

0 comments on commit 96aa6e9

Please sign in to comment.