(t *testing.T)
| 295 | } |
| 296 | |
| 297 | func Test_allowOriginScheme(t *testing.T) { |
| 298 | tests := []struct { |
| 299 | domain, pattern string |
| 300 | expected bool |
| 301 | }{ |
| 302 | { |
| 303 | domain: "http://example.com", |
| 304 | pattern: "http://example.com", |
| 305 | expected: true, |
| 306 | }, |
| 307 | { |
| 308 | domain: "https://example.com", |
| 309 | pattern: "https://example.com", |
| 310 | expected: true, |
| 311 | }, |
| 312 | { |
| 313 | domain: "http://example.com", |
| 314 | pattern: "https://example.com", |
| 315 | expected: false, |
| 316 | }, |
| 317 | { |
| 318 | domain: "https://example.com", |
| 319 | pattern: "http://example.com", |
| 320 | expected: false, |
| 321 | }, |
| 322 | } |
| 323 | |
| 324 | e := echo.New() |
| 325 | for _, tt := range tests { |
| 326 | req := httptest.NewRequest(http.MethodOptions, "/", nil) |
| 327 | rec := httptest.NewRecorder() |
| 328 | c := e.NewContext(req, rec) |
| 329 | req.Header.Set(echo.HeaderOrigin, tt.domain) |
| 330 | cors := CORSWithConfig(CORSConfig{ |
| 331 | AllowOrigins: []string{tt.pattern}, |
| 332 | }) |
| 333 | h := cors(func(c *echo.Context) error { return echo.ErrNotFound }) |
| 334 | h(c) |
| 335 | |
| 336 | if tt.expected { |
| 337 | assert.Equal(t, tt.domain, rec.Header().Get(echo.HeaderAccessControlAllowOrigin)) |
| 338 | } else { |
| 339 | assert.NotContains(t, rec.Header(), echo.HeaderAccessControlAllowOrigin) |
| 340 | } |
| 341 | } |
| 342 | } |
| 343 | |
| 344 | func TestCORSWithConfig_AllowMethods(t *testing.T) { |
| 345 | var testCases = []struct { |
nothing calls this directly
no test coverage detected
searching dependent graphs…