cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1484490 - in /cxf/branches/2.6.x-fixes: ./ rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
Date Mon, 20 May 2013 14:40:28 GMT
Author: sergeyb
Date: Mon May 20 14:40:27 2013
New Revision: 1484490

URL: http://svn.apache.org/r1484490
Log:
Merged revisions 1484489 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes

................
  r1484489 | sergeyb | 2013-05-20 15:36:28 +0100 (Mon, 20 May 2013) | 9 lines
  
  Merged revisions 1484488 via svnmerge from 
  https://svn.apache.org/repos/asf/cxf/trunk
  
  ........
    r1484488 | sergeyb | 2013-05-20 15:34:43 +0100 (Mon, 20 May 2013) | 1 line
    
    [CXF-5017] Splitting CORS headers using a comma pattern only
  ........
................

Modified:
    cxf/branches/2.6.x-fixes/   (props changed)
    cxf/branches/2.6.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
    cxf/branches/2.6.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Mon May 20 14:40:27 2013
@@ -0,0 +1,2 @@
+/cxf/branches/2.7.x-fixes:1484489
+/cxf/trunk:1484488

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.6.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java?rev=1484490&r1=1484489&r2=1484490&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/cors/src/main/java/org/apache/cxf/rs/security/cors/CrossOriginResourceSharingFilter.java
Mon May 20 14:40:27 2013
@@ -64,7 +64,7 @@ import org.apache.cxf.service.Service;
  */
 public class CrossOriginResourceSharingFilter implements RequestHandler, ResponseHandler
{
     private static final Pattern SPACE_PATTERN = Pattern.compile(" ");
-    private static final Pattern FIELD_COMMA_PATTERN = Pattern.compile(",\\w*");
+    private static final Pattern FIELD_COMMA_PATTERN = Pattern.compile(",");
     
     private static final String LOCAL_PREFLIGHT = "local_preflight";
     private static final String LOCAL_PREFLIGHT_ORIGIN = "local_preflight.origin";

Modified: cxf/branches/2.6.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java?rev=1484490&r1=1484489&r2=1484490&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
(original)
+++ cxf/branches/2.6.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/cors/CrossOriginSimpleTest.java
Mon May 20 14:40:27 2013
@@ -151,7 +151,7 @@ public class CrossOriginSimpleTest exten
     }
     
     @Test
-    public void preflightPostClassAnnotation() throws ClientProtocolException, IOException
{
+    public void preflightPostClassAnnotationFail() throws ClientProtocolException, IOException
{
         HttpClient httpclient = new DefaultHttpClient();
         HttpOptions httpoptions = new HttpOptions("http://localhost:" + PORT + "/antest/unannotatedPost");
         httpoptions.addHeader("Origin", "http://in.org");
@@ -161,6 +161,67 @@ public class CrossOriginSimpleTest exten
         httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_HEADERS, "X-custom-1");
         HttpResponse response = httpclient.execute(httpoptions);
         assertEquals(200, response.getStatusLine().getStatusCode());
+        assertEquals(0, response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_ORIGIN).length);
+        assertEquals(0, response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_HEADERS).length);
+        assertEquals(0, response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_METHODS).length);
+    }
+    
+    @Test
+    public void preflightPostClassAnnotationFail2() throws ClientProtocolException, IOException
{
+        HttpClient httpclient = new DefaultHttpClient();
+        HttpOptions httpoptions = new HttpOptions("http://localhost:" + PORT + "/antest/unannotatedPost");
+        httpoptions.addHeader("Origin", "http://area51.mil:31415");
+        httpoptions.addHeader("Content-Type", "application/json");
+        httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_METHOD, "POST");
+        httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_HEADERS, "X-custom-3");
+        HttpResponse response = httpclient.execute(httpoptions);
+        assertEquals(200, response.getStatusLine().getStatusCode());
+        assertEquals(0, response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_ORIGIN).length);
+        assertEquals(0, response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_HEADERS).length);
+        assertEquals(0, response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_METHODS).length);
+    }
+    
+    @Test
+    public void preflightPostClassAnnotationPass() throws ClientProtocolException, IOException
{
+        HttpClient httpclient = new DefaultHttpClient();
+        HttpOptions httpoptions = new HttpOptions("http://localhost:" + PORT + "/antest/unannotatedPost");
+        httpoptions.addHeader("Origin", "http://area51.mil:31415");
+        httpoptions.addHeader("Content-Type", "application/json");
+        httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_METHOD, "POST");
+        httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_HEADERS, "X-custom-1");
+        HttpResponse response = httpclient.execute(httpoptions);
+        assertEquals(200, response.getStatusLine().getStatusCode());
+        Header[] origin = response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_ORIGIN);
+        assertEquals(1, origin.length);
+        assertEquals("http://area51.mil:31415", origin[0].getValue());
+        Header[] method = response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_METHODS);
+        assertEquals(1, method.length);
+        assertEquals("POST", method[0].getValue());
+        Header[] requestHeaders = response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_HEADERS);
+        assertEquals(1, requestHeaders.length);
+        assertEquals("X-custom-1", requestHeaders[0].getValue());
+    }
+    
+    @Test
+    public void preflightPostClassAnnotationPass2() throws ClientProtocolException, IOException
{
+        HttpClient httpclient = new DefaultHttpClient();
+        HttpOptions httpoptions = new HttpOptions("http://localhost:" + PORT + "/antest/unannotatedPost");
+        httpoptions.addHeader("Origin", "http://area51.mil:31415");
+        httpoptions.addHeader("Content-Type", "application/json");
+        httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_METHOD, "POST");
+        httpoptions.addHeader(CorsHeaderConstants.HEADER_AC_REQUEST_HEADERS, "X-custom-1,
X-custom-2");
+        HttpResponse response = httpclient.execute(httpoptions);
+        assertEquals(200, response.getStatusLine().getStatusCode());
+        Header[] origin = response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_ORIGIN);
+        assertEquals(1, origin.length);
+        assertEquals("http://area51.mil:31415", origin[0].getValue());
+        Header[] method = response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_METHODS);
+        assertEquals(1, method.length);
+        assertEquals("POST", method[0].getValue());
+        Header[] requestHeaders = response.getHeaders(CorsHeaderConstants.HEADER_AC_ALLOW_HEADERS);
+        assertEquals(1, requestHeaders.length);
+        assertTrue(requestHeaders[0].getValue().contains("X-custom-1"));
+        assertTrue(requestHeaders[0].getValue().contains("X-custom-2"));
     }
     
     @Test



Mime
View raw message