-
-
Notifications
You must be signed in to change notification settings - Fork 3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Implements #2232 (comment) - Separate test suite: - we don't want to pollute other gateway tests with CORS headers - (as of now) changing headers requires daemon restart anyway License: MIT Signed-off-by: Marcin Rataj <[email protected]>
- Loading branch information
Showing
1 changed file
with
78 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| #!/bin/sh | ||
| # | ||
| # Copyright (c) 2016 Marcin Rataj | ||
| # MIT Licensed; see the LICENSE file in this repository. | ||
| # | ||
|
|
||
| test_description="Test HTTP Gateway CORS Support" | ||
|
|
||
| test_config_ipfs_cors_headers() { | ||
| ipfs config --json Gateway.HTTPHeaders.Access-Control-Allow-Origin '["*"]' | ||
| ipfs config --json Gateway.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]' | ||
| ipfs config --json Gateway.HTTPHeaders.Access-Control-Allow-Headers '["X-Requested-With"]' | ||
|
|
||
| ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]' | ||
| ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]' | ||
| ipfs config --json API.HTTPHeaders.Access-Control-Allow-Headers '["X-Requested-With"]' | ||
| } | ||
|
|
||
| . lib/test-lib.sh | ||
|
|
||
| test_init_ipfs | ||
| test_config_ipfs_gateway_readonly $ADDR_GWAY | ||
| test_config_ipfs_cors_headers | ||
| test_launch_ipfs_daemon | ||
|
|
||
| gwport=$PORT_GWAY | ||
| apiport=$PORT_API | ||
| thash='QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn' | ||
|
|
||
| # Gateway | ||
|
|
||
| # HTTP GET Request | ||
| test_expect_success "GET to Gateway succeeds" ' | ||
| curl -svX GET "http://127.0.0.1:$gwport/ipfs/$thash" 2>curl_output | ||
| ' | ||
| # GET Response from Gateway should contain CORS headers | ||
| test_expect_success "GET response for Gateway resource looks good" ' | ||
| grep "Access-Control-Allow-Origin:" curl_output && | ||
| grep "Access-Control-Allow-Methods:" curl_output && | ||
| grep "Access-Control-Allow-Headers:" curl_output | ||
| ' | ||
|
|
||
| # HTTP OPTIONS Request | ||
| test_expect_success "OPTIONS to Gateway succeeds" ' | ||
| curl -svX OPTIONS "http://127.0.0.1:$gwport/ipfs/$thash" 2>curl_output | ||
| ' | ||
| # OPTION Response from Gateway should contain CORS headers | ||
| test_expect_success "OPTIONS response for Gateway resource looks good" ' | ||
| grep "Access-Control-Allow-Origin:" curl_output && | ||
| grep "Access-Control-Allow-Methods:" curl_output && | ||
| grep "Access-Control-Allow-Headers:" curl_output | ||
| ' | ||
|
|
||
| # Read-Only API (at the Gateway Port) | ||
|
|
||
| # HTTP GET Request | ||
| test_expect_success "GET to API succeeds" ' | ||
| curl -svX GET "http://127.0.0.1:$gwport/api/v0/cat?arg=$thash" 2>curl_output | ||
| ' | ||
| # GET Response from the API should NOT contain CORS headers | ||
| # Blacklisting: https://git.io/vzaj2 | ||
| # Rationale: https://git.io/vzajX | ||
| test_expect_success "OPTIONS response for API looks good" ' | ||
| grep -q "Access-Control-Allow-" curl_output && false || true | ||
| ' | ||
|
|
||
| # HTTP OPTIONS Request | ||
| test_expect_success "OPTIONS to API succeeds" ' | ||
| curl -svX OPTIONS "http://127.0.0.1:$gwport/api/v0/cat?arg=$thash" 2>curl_output | ||
| ' | ||
| # OPTIONS Response from the API should NOT contain CORS headers | ||
| test_expect_success "OPTIONS response for API looks good" ' | ||
| grep -q "Access-Control-Allow-" curl_output && false || true | ||
| ' | ||
|
|
||
| test_kill_ipfs_daemon | ||
|
|
||
| test_done |