1
0
mirror of https://github.com/actix/actix-extras.git synced 2024-11-23 23:51:06 +01:00

Fix allow_any_header setter (#121)

This commit is contained in:
Guarabot 2020-11-05 19:38:27 +01:00 committed by GitHub
parent 76429602c6
commit 0b2eff9384
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 3 deletions

View File

@ -1,7 +1,7 @@
# Changes
## Unreleased - 2020-xx-xx
* Fix `allow_any_header` method, now set the correct field
## 0.5.0 - 2020-10-19
* Disallow `*` in `Cors::allowed_origin`. [#114].

View File

@ -234,12 +234,12 @@ impl Cors {
self
}
/// Resets allowed request header list to a state where any origin is accepted.
/// Resets allowed request header list to a state where any header is accepted.
///
/// See [`Cors::allowed_headers`] for more info on allowed request headers.
pub fn allow_any_header(mut self) -> Cors {
if let Some(cors) = cors(&mut self.inner, &self.error) {
cors.allowed_origins = AllOrSome::All;
cors.allowed_headers = AllOrSome::All;
}
self

View File

@ -386,3 +386,23 @@ async fn validate_origin_allows_all_origins() {
let resp = test::call_service(&mut cors, req).await;
assert_eq!(resp.status(), StatusCode::OK);
}
#[actix_rt::test]
async fn test_allow_any_origin_any_method_any_header() {
let mut cors = Cors::default()
.allow_any_origin()
.allow_any_method()
.allow_any_header()
.new_transform(test::ok_service())
.await
.unwrap();
let req = TestRequest::with_header(header::ACCESS_CONTROL_REQUEST_METHOD, "POST")
.header(header::ACCESS_CONTROL_REQUEST_HEADERS, "content-type")
.header(header::ORIGIN, "https://www.example.com")
.method(Method::OPTIONS)
.to_srv_request();
let resp = test::call_service(&mut cors, req).await;
assert_eq!(resp.status(), StatusCode::OK);
}