['/arvados/v1/collections',
'/arvados/v1/users',
'/arvados/v1/api_client_authorizations'].each do |path|
- test "CORS headers are set and body is stub at OPTIONS #{path}" do
+ test "CORS headers are set and body is empty at OPTIONS #{path}" do
options path, {}, {}
assert_response :success
assert_cors_headers
- assert_equal '-', response.body
+ assert_equal '', response.body
end
test "CORS headers are set at authenticated GET #{path}" do
%w(GET HEAD POST PUT DELETE).each do |m|
assert_includes allowed, m, "A-C-A-Methods should include #{m}"
end
- assert_equal 'Authorization', response.headers['Access-Control-Allow-Headers']
+ assert_equal 'Authorization, Content-Type', response.headers['Access-Control-Allow-Headers']
end
def assert_no_cors_headers