diff --git a/src/Microsoft.AspNet.Cors/CorsPolicyBuilder.cs b/src/Microsoft.AspNet.Cors/CorsPolicyBuilder.cs index 71b500cd48..d018b92a68 100644 --- a/src/Microsoft.AspNet.Cors/CorsPolicyBuilder.cs +++ b/src/Microsoft.AspNet.Cors/CorsPolicyBuilder.cs @@ -180,7 +180,11 @@ namespace Microsoft.AspNet.Cors.Infrastructure WithHeaders(policy.Headers.ToArray()); WithExposedHeaders(policy.ExposedHeaders.ToArray()); WithMethods(policy.Methods.ToArray()); - SetPreflightMaxAge(policy.PreflightMaxAge.Value); + + if (policy.PreflightMaxAge.HasValue) + { + SetPreflightMaxAge(policy.PreflightMaxAge.Value); + } if (policy.SupportsCredentials) { diff --git a/test/Microsoft.AspNet.Cors.Test/CorsPolicyBuilderTests.cs b/test/Microsoft.AspNet.Cors.Test/CorsPolicyBuilderTests.cs index c16a71aee3..5f9f6fe737 100644 --- a/test/Microsoft.AspNet.Cors.Test/CorsPolicyBuilderTests.cs +++ b/test/Microsoft.AspNet.Cors.Test/CorsPolicyBuilderTests.cs @@ -14,16 +14,16 @@ namespace Microsoft.AspNet.Cors.Infrastructure public void Constructor_WithPolicy_AddsTheGivenPolicy() { // Arrange - var policy = new CorsPolicy(); - policy.Origins.Add("http://existing.com"); - policy.Headers.Add("Existing"); - policy.Methods.Add("GET"); - policy.ExposedHeaders.Add("ExistingExposed"); - policy.SupportsCredentials = true; - policy.PreflightMaxAge = TimeSpan.FromSeconds(12); + var originalPolicy = new CorsPolicy(); + originalPolicy.Origins.Add("http://existing.com"); + originalPolicy.Headers.Add("Existing"); + originalPolicy.Methods.Add("GET"); + originalPolicy.ExposedHeaders.Add("ExistingExposed"); + originalPolicy.SupportsCredentials = true; + originalPolicy.PreflightMaxAge = TimeSpan.FromSeconds(12); // Act - var builder = new CorsPolicyBuilder(policy); + var builder = new CorsPolicyBuilder(originalPolicy); // Assert var corsPolicy = builder.Build(); @@ -32,13 +32,41 @@ namespace Microsoft.AspNet.Cors.Infrastructure Assert.False(corsPolicy.AllowAnyMethod); Assert.False(corsPolicy.AllowAnyOrigin); Assert.True(corsPolicy.SupportsCredentials); - Assert.Equal(policy.Headers, corsPolicy.Headers); - Assert.Equal(policy.Methods, corsPolicy.Methods); - Assert.Equal(policy.Origins, corsPolicy.Origins); - Assert.Equal(policy.ExposedHeaders, corsPolicy.ExposedHeaders); + Assert.NotSame(originalPolicy.Headers, corsPolicy.Headers); + Assert.Equal(originalPolicy.Headers, corsPolicy.Headers); + Assert.NotSame(originalPolicy.Methods, corsPolicy.Methods); + Assert.Equal(originalPolicy.Methods, corsPolicy.Methods); + Assert.NotSame(originalPolicy.Origins, corsPolicy.Origins); + Assert.Equal(originalPolicy.Origins, corsPolicy.Origins); + Assert.NotSame(originalPolicy.ExposedHeaders, corsPolicy.ExposedHeaders); + Assert.Equal(originalPolicy.ExposedHeaders, corsPolicy.ExposedHeaders); Assert.Equal(TimeSpan.FromSeconds(12), corsPolicy.PreflightMaxAge); } + [Fact] + public void ConstructorWithPolicy_HavingNullPreflightMaxAge_AddsTheGivenPolicy() + { + // Arrange + var originalPolicy = new CorsPolicy(); + originalPolicy.Origins.Add("http://existing.com"); + + // Act + var builder = new CorsPolicyBuilder(originalPolicy); + + // Assert + var corsPolicy = builder.Build(); + + Assert.Null(corsPolicy.PreflightMaxAge); + Assert.False(corsPolicy.AllowAnyHeader); + Assert.False(corsPolicy.AllowAnyMethod); + Assert.False(corsPolicy.AllowAnyOrigin); + Assert.NotSame(originalPolicy.Origins, corsPolicy.Origins); + Assert.Equal(originalPolicy.Origins, corsPolicy.Origins); + Assert.Empty(corsPolicy.Headers); + Assert.Empty(corsPolicy.Methods); + Assert.Empty(corsPolicy.ExposedHeaders); + } + [Fact] public void Constructor_WithNoOrigin() { @@ -112,7 +140,6 @@ namespace Microsoft.AspNet.Cors.Infrastructure Assert.Equal(new List() { "*" }, corsPolicy.Origins); } - [Fact] public void WithMethods_AddsMethods() {