Add single csv values so that there is a single response header added per value.

This commit is contained in:
Harsh Gupta 2015-06-23 15:57:09 -07:00
parent 88fa7fb51a
commit b1ade8f2cf
2 changed files with 44 additions and 31 deletions

View File

@ -137,7 +137,9 @@ namespace Microsoft.AspNet.Cors.Core
if (nonSimpleAllowMethods.Length > 0) if (nonSimpleAllowMethods.Length > 0)
{ {
headers.Add(CorsConstants.AccessControlAllowMethods, nonSimpleAllowMethods); headers.SetCommaSeparatedValues(
CorsConstants.AccessControlAllowMethods,
nonSimpleAllowMethods);
} }
} }
@ -151,7 +153,9 @@ namespace Microsoft.AspNet.Cors.Core
if (nonSimpleAllowRequestHeaders.Length > 0) if (nonSimpleAllowRequestHeaders.Length > 0)
{ {
headers.Add(CorsConstants.AccessControlAllowHeaders, nonSimpleAllowRequestHeaders); headers.SetCommaSeparatedValues(
CorsConstants.AccessControlAllowHeaders,
nonSimpleAllowRequestHeaders);
} }
} }
@ -162,9 +166,12 @@ namespace Microsoft.AspNet.Cors.Core
.Where(header => .Where(header =>
!CorsConstants.SimpleResponseHeaders.Contains(header, StringComparer.OrdinalIgnoreCase)) !CorsConstants.SimpleResponseHeaders.Contains(header, StringComparer.OrdinalIgnoreCase))
.ToArray(); .ToArray();
if (nonSimpleAllowResponseHeaders.Length > 0) if (nonSimpleAllowResponseHeaders.Length > 0)
{ {
headers.Add(CorsConstants.AccessControlExposeHeaders, nonSimpleAllowResponseHeaders.ToArray()); headers.SetCommaSeparatedValues(
CorsConstants.AccessControlExposeHeaders,
nonSimpleAllowResponseHeaders);
} }
} }

View File

@ -643,6 +643,8 @@ namespace Microsoft.AspNet.Cors.Core.Test
// Assert // Assert
Assert.Contains("Access-Control-Allow-Methods", httpContext.Response.Headers.Keys); Assert.Contains("Access-Control-Allow-Methods", httpContext.Response.Headers.Keys);
var value = Assert.Single(httpContext.Response.Headers.Values);
Assert.Equal(new[] { "PUT,DELETE" }, value);
var methods = httpContext.Response.Headers["Access-Control-Allow-Methods"].Split(','); var methods = httpContext.Response.Headers["Access-Control-Allow-Methods"].Split(',');
Assert.Equal(2, methods.Length); Assert.Equal(2, methods.Length);
Assert.Contains("PUT", methods); Assert.Contains("PUT", methods);
@ -721,6 +723,8 @@ namespace Microsoft.AspNet.Cors.Core.Test
// Assert // Assert
Assert.Contains("Access-Control-Allow-Headers", httpContext.Response.Headers.Keys); Assert.Contains("Access-Control-Allow-Headers", httpContext.Response.Headers.Keys);
var value = Assert.Single(httpContext.Response.Headers.Values);
Assert.Equal(new[] { "foo,bar,baz" }, value);
string[] headerValues = httpContext.Response.Headers["Access-Control-Allow-Headers"].Split(','); string[] headerValues = httpContext.Response.Headers["Access-Control-Allow-Headers"].Split(',');
Assert.Equal(3, headerValues.Length); Assert.Equal(3, headerValues.Length);
Assert.Contains("foo", headerValues); Assert.Contains("foo", headerValues);
@ -824,6 +828,8 @@ namespace Microsoft.AspNet.Cors.Core.Test
// Assert // Assert
Assert.Contains("Access-Control-Expose-Headers", httpContext.Response.Headers.Keys); Assert.Contains("Access-Control-Expose-Headers", httpContext.Response.Headers.Keys);
var value = Assert.Single(httpContext.Response.Headers.Values);
Assert.Equal(new[] { "foo,bar,baz" }, value);
string[] exposedHeaderValues = httpContext.Response.Headers["Access-Control-Expose-Headers"].Split(','); string[] exposedHeaderValues = httpContext.Response.Headers["Access-Control-Expose-Headers"].Split(',');
Assert.Equal(3, exposedHeaderValues.Length); Assert.Equal(3, exposedHeaderValues.Length);
Assert.Contains("foo", exposedHeaderValues); Assert.Contains("foo", exposedHeaderValues);