Merge remote-tracking branch 'origin/release/2.2' into feature/w-m
This commit is contained in:
commit
e742ce79aa
|
|
@ -139,13 +139,14 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
|
||||||
// https://fetch.spec.whatwg.org/#http-new-header-syntax
|
// https://fetch.spec.whatwg.org/#http-new-header-syntax
|
||||||
AddHeaderValues(result.AllowedExposedHeaders, policy.ExposedHeaders);
|
AddHeaderValues(result.AllowedExposedHeaders, policy.ExposedHeaders);
|
||||||
|
|
||||||
var allowedMethods = policy.AllowAnyMethod && policy.SupportsCredentials ?
|
var allowedMethods = policy.AllowAnyMethod ?
|
||||||
new[] { result.IsPreflightRequest ? (string)context.Request.Headers[CorsConstants.AccessControlRequestMethod] : context.Request.Method }
|
new[] { result.IsPreflightRequest ? (string)context.Request.Headers[CorsConstants.AccessControlRequestMethod] : context.Request.Method } :
|
||||||
: policy.Methods;
|
policy.Methods;
|
||||||
AddHeaderValues(result.AllowedMethods, allowedMethods);
|
AddHeaderValues(result.AllowedMethods, allowedMethods);
|
||||||
|
|
||||||
var allowedHeaders = policy.AllowAnyHeader && policy.SupportsCredentials ?
|
var allowedHeaders = policy.AllowAnyHeader ?
|
||||||
context.Request.Headers.GetCommaSeparatedValues(CorsConstants.AccessControlRequestHeaders) : policy.Headers;
|
context.Request.Headers.GetCommaSeparatedValues(CorsConstants.AccessControlRequestHeaders) :
|
||||||
|
policy.Headers;
|
||||||
AddHeaderValues(result.AllowedHeaders, allowedHeaders);
|
AddHeaderValues(result.AllowedHeaders, allowedHeaders);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -433,7 +433,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
|
||||||
var result = corsService.EvaluatePolicy(requestContext, policy);
|
var result = corsService.EvaluatePolicy(requestContext, policy);
|
||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(new[] { "*" }, result.AllowedMethods);
|
Assert.Equal(new[] { "GET" }, result.AllowedMethods);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Theory]
|
[Theory]
|
||||||
|
|
@ -474,12 +474,12 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
|
||||||
var result = corsService.EvaluatePolicy(requestContext, policy);
|
var result = corsService.EvaluatePolicy(requestContext, policy);
|
||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(new[] { "*" }, result.AllowedHeaders);
|
Assert.Empty(result.AllowedHeaders);
|
||||||
Assert.Equal(new[] { "*" }, result.AllowedMethods);
|
Assert.Equal(new[] { "PUT" }, result.AllowedMethods);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public void EvaluatePolicy_PreflightRequest_AllowAllHeaders()
|
public void EvaluatePolicy_PreflightRequest_AllowAllHeaders_ReflectsRequestHeaders()
|
||||||
{
|
{
|
||||||
// Arrange
|
// Arrange
|
||||||
var corsService = GetCorsService();
|
var corsService = GetCorsService();
|
||||||
|
|
@ -497,8 +497,8 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
|
||||||
var result = corsService.EvaluatePolicy(requestContext, policy);
|
var result = corsService.EvaluatePolicy(requestContext, policy);
|
||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(new[] { "*" }, result.AllowedHeaders);
|
Assert.Equal(new[] { "foo", "bar" }, result.AllowedHeaders);
|
||||||
Assert.Equal(new[] { "*" }, result.AllowedMethods);
|
Assert.Equal(new[] { "PUT" }, result.AllowedMethods);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
|
|
@ -522,7 +522,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
|
||||||
|
|
||||||
// Assert
|
// Assert
|
||||||
Assert.Equal(new[] { "match", "foo" }, result.AllowedHeaders);
|
Assert.Equal(new[] { "match", "foo" }, result.AllowedHeaders);
|
||||||
Assert.Equal(new[] { "*" }, result.AllowedMethods);
|
Assert.Equal(new[] { "PUT" }, result.AllowedMethods);
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue