github.com/defanghe/fabric@v2.1.1+incompatible/internal/configtxlator/integration/cors_test.go (about)

     1  /*
     2  Copyright IBM Corp. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package integration_test
     8  
     9  import (
    10  	"fmt"
    11  	"io"
    12  	"net/http"
    13  	"os/exec"
    14  	"regexp"
    15  	"syscall"
    16  
    17  	. "github.com/onsi/ginkgo"
    18  	. "github.com/onsi/gomega"
    19  	"github.com/onsi/gomega/gbytes"
    20  	"github.com/onsi/gomega/gexec"
    21  )
    22  
    23  var _ = Describe("CORS", func() {
    24  
    25  	var (
    26  		sess *gexec.Session
    27  		req  *http.Request
    28  
    29  		// runServer starts the server on an ephemeral port, then creates a CORS request
    30  		// targeting that same server (but does not send it), it must be invoked inside
    31  		// the BeforeEach of each test
    32  		runServer func(args ...string)
    33  	)
    34  
    35  	BeforeEach(func() {
    36  		runServer = func(args ...string) {
    37  			cmd := exec.Command(configtxlatorPath, args...)
    38  			var err error
    39  			errBuffer := gbytes.NewBuffer()
    40  			sess, err = gexec.Start(cmd, GinkgoWriter, io.MultiWriter(errBuffer, GinkgoWriter))
    41  			Expect(err).NotTo(HaveOccurred())
    42  			Consistently(sess.Exited).ShouldNot(BeClosed())
    43  			Eventually(errBuffer).Should(gbytes.Say("Serving HTTP requests on 127.0.0.1:"))
    44  			address := regexp.MustCompile("127.0.0.1:[0-9]+").FindString(string(errBuffer.Contents()))
    45  			Expect(address).NotTo(BeEmpty())
    46  
    47  			req, err = http.NewRequest("OPTIONS", fmt.Sprintf("http://%s/protolator/encode/common.Block", address), nil)
    48  			Expect(err).NotTo(HaveOccurred())
    49  			req.Header.Add("Origin", "http://foo.com")
    50  			req.Header.Add("Access-Control-Request-Method", "POST")
    51  			req.Header.Add("Access-Control-Request-Headers", "Content-Type")
    52  		}
    53  	})
    54  
    55  	AfterEach(func() {
    56  		sess.Signal(syscall.SIGKILL)
    57  		Eventually(sess.Exited).Should(BeClosed())
    58  		Expect(sess.ExitCode()).To(Equal(137))
    59  	})
    60  
    61  	Context("when CORS options are not provided", func() {
    62  		BeforeEach(func() {
    63  			runServer("start", "--hostname", "127.0.0.1", "--port", "0")
    64  		})
    65  
    66  		It("rejects CORS OPTIONS requests", func() {
    67  			resp, err := http.DefaultClient.Do(req)
    68  			Expect(err).NotTo(HaveOccurred())
    69  			Expect(resp.StatusCode).To(Equal(http.StatusMethodNotAllowed))
    70  		})
    71  	})
    72  
    73  	Context("when the CORS wildcard is provided", func() {
    74  		BeforeEach(func() {
    75  			runServer("start", "--hostname", "127.0.0.1", "--port", "0", "--CORS", "*")
    76  		})
    77  
    78  		It("it allows CORS requests from any domain", func() {
    79  			resp, err := http.DefaultClient.Do(req)
    80  			Expect(err).NotTo(HaveOccurred())
    81  			Expect(resp.Header.Get("Access-Control-Allow-Origin")).To(Equal("*"))
    82  			Expect(resp.Header.Get("Access-Control-Allow-Headers")).To(Equal("Content-Type"))
    83  			Expect(resp.StatusCode).To(Equal(http.StatusOK))
    84  		})
    85  	})
    86  
    87  	Context("when multiple CORS options are provided", func() {
    88  		BeforeEach(func() {
    89  			runServer("start", "--hostname", "127.0.0.1", "--port", "0", "--CORS", "http://foo.com", "--CORS", "http://bar.com")
    90  		})
    91  
    92  		It("it allows CORS requests from any of them", func() {
    93  			resp, err := http.DefaultClient.Do(req)
    94  			Expect(err).NotTo(HaveOccurred())
    95  			Expect(resp.Header.Get("Access-Control-Allow-Origin")).To(Equal("http://foo.com"))
    96  			Expect(resp.Header.Get("Access-Control-Allow-Headers")).To(Equal("Content-Type"))
    97  			Expect(resp.StatusCode).To(Equal(http.StatusOK))
    98  		})
    99  	})
   100  })