This repository has been archived by the owner on Apr 26, 2019. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathindex.js
100 lines (97 loc) · 3.18 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
var test = require('tap').test
var corsHeaders = require('../index')
test('request.headers.origin is undefined', function (t) {
var request = {
headers: {}
}
var continueCalled = false
var reply = {
continue: function () {
continueCalled = true
}
}
corsHeaders(request, reply)
t.deepEqual(Object.keys(request.headers), [], 'sets no headers')
t.equal(continueCalled, true, 'reply.continue called')
t.end()
})
test('request is boom error', function (t) {
var request = {
headers: {
origin: 'example.com'
},
response: {
isBoom: true,
output: {
headers: {},
statusCode: 500
}
}
}
var continueCalled = false
var reply = {
continue: function () {
continueCalled = true
}
}
corsHeaders(request, reply)
t.equal(request.response.output.headers['access-control-allow-origin'], 'example.com', 'sets access-control-allow-origin')
t.equal(request.response.output.headers['access-control-allow-credentials'], 'true', 'sets access-control-allow-credentials')
t.equal(request.response.output.statusCode, 500, 'passes statusCode')
t.equal(continueCalled, true, 'reply.continue called')
t.end()
})
test('options request without acces-control-request headers', function (t) {
var request = {
method: 'options',
headers: {
origin: 'example.com'
},
response: {
headers: {},
statusCode: 500
}
}
var continueCalled = false
var reply = {
continue: function () {
continueCalled = true
}
}
corsHeaders(request, reply)
t.equal(request.response.headers['access-control-allow-origin'], 'example.com', 'sets access-control-allow-origin')
t.equal(request.response.headers['access-control-allow-credentials'], 'true', 'sets access-control-allow-credentials')
t.equal('access-control-allow-headers' in request.response.headers, false, 'does not set access-control-allow-headers')
t.equal('access-control-allow-methods' in request.response.headers, false, 'does not set access-control-allow-methods')
t.equal(request.response.statusCode, 200, 'sets statusCode to 200')
t.equal(continueCalled, true, 'reply.continue called')
t.end()
})
test('options request', function (t) {
var request = {
method: 'options',
headers: {
origin: 'example.com',
'access-control-request-headers': 'x-header',
'access-control-request-method': 'GET'
},
response: {
headers: {},
statusCode: 500
}
}
var continueCalled = false
var reply = {
continue: function () {
continueCalled = true
}
}
corsHeaders(request, reply)
t.equal(request.response.headers['access-control-allow-origin'], 'example.com', 'sets access-control-allow-origin')
t.equal(request.response.headers['access-control-allow-credentials'], 'true', 'sets access-control-allow-credentials')
t.equal(request.response.headers['access-control-allow-headers'], 'x-header', 'sets access-control-allow-headers')
t.equal(request.response.headers['access-control-allow-methods'], 'GET', 'sets access-control-allow-methods')
t.equal(request.response.statusCode, 200, 'sets statusCode to 200')
t.equal(continueCalled, true, 'reply.continue called')
t.end()
})