couchdb-dev mailing list archives

From Benoit Chesneau <bchesn...@gmail.com>
Subject Re: [2/3] git commit: add test case: auth with wildcard should fail
Date Tue, 04 Dec 2012 21:07:01 GMT
still not sure why you are sending basic headers. Maybe we should test on
OPTIONS to make sure we aren't returning the credential flags?


- benoît


On Tue, Dec 4, 2012 at 9:55 PM, Jan Lehnardt <jan@apache.org> wrote:

> Bah, bad commit. I fix it in [1/3]:
>
> -test_auth_with_wildcard() ->
> +test_credentials_with_wildcard() ->
>     Headers = [{"Origin", "http://example.com"},
>                {"Access-Control-Request-Method", "GET"}],
>     case ibrowse:send_req(server(), Headers, get, [], [{basic_auth,
> {"test", "test"}}]) of
>     {ok, _, RespHeaders, _}  ->
>         % I would either expect the current origin or a wildcard to be
> returned
> -        etap:is(proplists:get_value("Access-Control-Allow-Origin",
> RespHeaders),
> +        etap:is(proplists:get_value("Access-Control-Allow-Credentials",
> RespHeaders),
>             undefined,
> -            "auth with wildcard should fail");
> +            "credentials with wildcard should fail");
>     _ ->
>         etap:is(false, true, "ibrowse failed")
>     end.
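Review bot: The `{ok, _, RespHeaders, _}` clause discards the status code, so the `undefined` assertion on `Access-Control-Allow-Credentials` can pass vacuously. Any response that carries no CORS headers at all satisfies it, for example a 401 if the `test`/`test` credentials are not provisioned (the setup is not visible here). A negative check on a security header should pin its precondition first: match `{ok, "200", RespHeaders, _}` and assert that `Access-Control-Allow-Origin` is present before asserting that the credentials flag is absent, adjusting `etap:plan` for the extra assertion. `proplists:get_value/2` is also case-sensitive on the header name, so a differently cased header would be read as absent. The same applies to `test_auth_with_wildcard` in the original hunk further down.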
>
> that should have been the original commit, not sure how I mixed this one
> up.
>
> Sorry!
> Jan
> --
>
> On Dec 4, 2012, at 21:44 , Benoit Chesneau <bchesneau@gmail.com> wrote:
>
> > This test is not appropriate imo.
> >
> > The point is not that auth should fail; CORS is not about authorization.
> > What the spec says is that we should omit the credentials flag for wildcard
> > origins.
> >
> >
> > - Benoît
> >
> >
> >
> >
> >
> >
> >
> > On Tue, Dec 4, 2012 at 9:33 PM, <jan@apache.org> wrote:
> >
> >> add test case: auth with wildcard should fail
> >>
> >>
> >> Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
> >> Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/95b15e41
> >> Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/95b15e41
> >> Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/95b15e41
> >>
> >> Branch: refs/heads/431-feature-cors
> >> Commit: 95b15e41aec707bdddf3f7ada92b3c8432d3293c
> >> Parents: b48284c
> >> Author: Jan Lehnardt <jan@apache.org>
> >> Authored: Tue Dec 4 21:06:28 2012 +0100
> >> Committer: Jan Lehnardt <jan@apache.org>
> >> Committed: Tue Dec 4 21:06:28 2012 +0100
> >>
> >> ----------------------------------------------------------------------
> >> test/etap/231-cors.t |   22 ++++++++++++++++++----
> >> 1 files changed, 18 insertions(+), 4 deletions(-)
> >> ----------------------------------------------------------------------
> >>
> >>
> >>
> >>
> http://git-wip-us.apache.org/repos/asf/couchdb/blob/95b15e41/test/etap/231-cors.t
> >> ----------------------------------------------------------------------
> >> diff --git a/test/etap/231-cors.t b/test/etap/231-cors.t
> >> index 9dc9fff..b5180d2 100644
> >> --- a/test/etap/231-cors.t
> >> +++ b/test/etap/231-cors.t
> >> @@ -32,7 +32,7 @@ server() ->
> >> main(_) ->
> >>     test_util:init_code_path(),
> >>
> >> -    etap:plan(17),
> >> +    etap:plan(18),
> >>     case (catch test()) of
> >>         ok ->
> >>             etap:end_tests();
> >> @@ -102,14 +102,14 @@ test() ->
> >>
> >>     ok = couch_config:set("cors", "origins", "*", false),
> >>     test_preflight_with_wildcard(),
> >> +    test_auth_with_wildcard(),
> >>
> >>     ok = couch_config:set("cors", "origins", "http://example.com",
> >> false),
> >>
> >>
> >> -    % TBD
> >> -    % case-sensitive mismatch of allowed origins should fail
> >>     test_case_sensitive_mismatch_of_allowed_origins(),
> >> -    % auth with * Origin should fail
> >> +
> >> +    % TBD
> >>     % test all cors with vhosts
> >>     % test multiple per-host configuration
> >>
> >> @@ -268,6 +268,20 @@ test_preflight_with_wildcard() ->
> >>         etap:is(false, true, "ibrowse failed")
> >>     end.
> >>
> >> +test_auth_with_wildcard() ->
> >> +    Headers = [{"Origin", "http://example.com"},
> >> +               {"Access-Control-Request-Method", "GET"}],
> >> +    case ibrowse:send_req(server(), Headers, get, [], [{basic_auth,
> >> {"test", "test"}}]) of
> >> +    {ok, _, RespHeaders, _}  ->
> >> +        % I would either expect the current origin or a wildcard to be
> >> returned
> >> +        etap:is(proplists:get_value("Access-Control-Allow-Origin",
> >> RespHeaders),
> >> +            undefined,
> >> +            "auth with wildcard should fail");
> >> +    _ ->
> >> +        etap:is(false, true, "ibrowse failed")
> >> +    end.
> >> +
> >> +
> >> test_preflight_with_port1() ->
> >>     Headers = [{"Origin", "http://example.com:5984"},
> >>                {"Access-Control-Request-Method", "GET"}],
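Review bot: The comment `% I would either expect the current origin or a wildcard to be returned` in `test_auth_with_wildcard` contradicts the assertion directly beneath it, which expects `Access-Control-Allow-Origin` to be `undefined`. It looks carried over from `test_preflight_with_wildcard`, whose body is only partly visible above this hunk. A reader cannot tell from the test which behaviour is intended, which matters for a check that guards a cross-origin policy. Replace it with a comment that states what is being pinned, e.g. `% origins = "*" and the request carries basic auth: the header checked below must be absent`.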
> >>
> >>
>
>
