projects
/
arvados.git
/ blobdiff
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge remote-tracking branch 'origin/master' into 14645-fuse-operations-reporting
[arvados.git]
/
services
/
api
/
test
/
integration
/
cross_origin_test.rb
diff --git
a/services/api/test/integration/cross_origin_test.rb
b/services/api/test/integration/cross_origin_test.rb
index ebe7ce7a6705b0d99d2e4b439b9339c7061a6531..5109ea46a642a0853528d40986c2314610f050a1 100644
(file)
--- a/
services/api/test/integration/cross_origin_test.rb
+++ b/
services/api/test/integration/cross_origin_test.rb
@@
-1,3
+1,7
@@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
require 'test_helper'
class CrossOriginTest < ActionDispatch::IntegrationTest
require 'test_helper'
class CrossOriginTest < ActionDispatch::IntegrationTest
@@
-32,11
+36,11
@@
class CrossOriginTest < ActionDispatch::IntegrationTest
['/arvados/v1/collections',
'/arvados/v1/users',
'/arvados/v1/api_client_authorizations'].each do |path|
['/arvados/v1/collections',
'/arvados/v1/users',
'/arvados/v1/api_client_authorizations'].each do |path|
- test "CORS headers are set and body is
stub
at OPTIONS #{path}" do
+ test "CORS headers are set and body is
empty
at OPTIONS #{path}" do
options path, {}, {}
assert_response :success
assert_cors_headers
options path, {}, {}
assert_response :success
assert_cors_headers
- assert_equal '
-
', response.body
+ assert_equal '', response.body
end
test "CORS headers are set at authenticated GET #{path}" do
end
test "CORS headers are set at authenticated GET #{path}" do
@@
-65,12
+69,12
@@
class CrossOriginTest < ActionDispatch::IntegrationTest
%w(GET HEAD POST PUT DELETE).each do |m|
assert_includes allowed, m, "A-C-A-Methods should include #{m}"
end
%w(GET HEAD POST PUT DELETE).each do |m|
assert_includes allowed, m, "A-C-A-Methods should include #{m}"
end
- assert_equal 'Authorization', response.headers['Access-Control-Allow-Headers']
+ assert_equal 'Authorization
, Content-Type
', response.headers['Access-Control-Allow-Headers']
end
def assert_no_cors_headers
response.headers.keys.each do |h|
end
def assert_no_cors_headers
response.headers.keys.each do |h|
- assert_no_match
/^Access-Control-/i, h
+ assert_no_match
(/^Access-Control-/i, h)
end
end
end
end
end
end