Mirrors/shlink
1
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2026-02-28 04:03:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixed CrossDomainMiddleware not inferring proper allowed methods

Browse Source
This commit is contained in:
Alejandro Celaya
2021-01-24 13:49:57 +01:00
parent ef54caab85
commit f585cfe02e
3 changed files with 32 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
module/Rest/test/Middleware/CrossDomainMiddlewareTest.php
View File

@@ -6,8 +6,6 @@ namespace ShlinkioTest\Shlink\Rest\Middleware;
use Laminas\Diactoros\Response;
use Laminas\Diactoros\ServerRequest;
use Mezzio\Router\Route;
use Mezzio\Router\RouteResult;
use PHPUnit\Framework\TestCase;
use Prophecy\Argument;
use Prophecy\PhpUnit\ProphecyTrait;
@@ -15,8 +13,6 @@ use Prophecy\Prophecy\ObjectProphecy;
use Psr\Http\Server\RequestHandlerInterface;
use Shlinkio\Shlink\Rest\Middleware\CrossDomainMiddleware;
use function Laminas\Stratigility\middleware;
class CrossDomainMiddlewareTest extends TestCase
{
use ProphecyTrait;
@@ -94,13 +90,15 @@ class CrossDomainMiddlewareTest extends TestCase
* @dataProvider provideRouteResults
*/
public function optionsRequestParsesRouteMatchToDetermineAllowedMethods(
?RouteResult $result,
?string $allowHeader,
string $expectedAllowedMethods
): void {
$originalResponse = new Response();
$request = (new ServerRequest())->withAttribute(RouteResult::class, $result)
->withMethod('OPTIONS')
->withHeader('Origin', 'local');
if ($allowHeader !== null) {
$originalResponse = $originalResponse->withHeader('Allow', $allowHeader);
}
$request = (new ServerRequest())->withHeader('Origin', 'local')
->withMethod('OPTIONS');
$this->handler->handle(Argument::any())->willReturn($originalResponse)->shouldBeCalledOnce();
$response = $this->middleware->process($request, $this->handler->reveal());
@@ -111,15 +109,9 @@ class CrossDomainMiddlewareTest extends TestCase
public function provideRouteResults(): iterable
{
yield 'with no route result' => [null, 'GET,POST,PUT,PATCH,DELETE,OPTIONS'];
yield 'with failed route result' => [RouteResult::fromRouteFailure(['POST', 'GET']), 'POST,GET'];
yield 'with success route result' => [
RouteResult::fromRoute(
new Route('/', middleware(function (): void {
}), ['DELETE', 'PATCH', 'PUT']),
),
'DELETE,PATCH,PUT',
];
yield 'no allow header in response' => [null, 'GET,POST,PUT,PATCH,DELETE'];
yield 'allow header in response' => ['POST,GET', 'POST,GET'];
yield 'also allow header in response' => ['DELETE,PATCH,PUT', 'DELETE,PATCH,PUT'];
}
/**