Skip to content

Commit

Permalink
fix: let framework known app has custom origin handler or not (#28) (#29
Browse files Browse the repository at this point in the history
)

auto set config.cors.hasCustomOriginHandler

pick from #28
  • Loading branch information
fengmk2 authored Apr 25, 2024
1 parent 770bda9 commit b446a98
Show file tree
Hide file tree
Showing 7 changed files with 27 additions and 26 deletions.
24 changes: 0 additions & 24 deletions .github/PULL_REQUEST_TEMPLATE.md

This file was deleted.

1 change: 1 addition & 0 deletions app.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ module.exports = app => {
app.config.coreMiddlewares.unshift('cors');

// if security plugin enabled, and origin config is not provided, will only allow safe domains support CORS.
app.config.cors.hasCustomOriginHandler = !!app.config.cors.origin;
app.config.cors.origin = app.config.cors.origin || function corsOrigin(ctx) {
// origin is {protocol}{hostname}{port}...
const origin = ctx.get('origin');
Expand Down
2 changes: 0 additions & 2 deletions config/config.default.js
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
'use strict';

/**
* cors default config
* @member Config#cors
Expand Down
7 changes: 7 additions & 0 deletions test/cors.default-config.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,13 @@ describe('test/cors.default-config.test.js', () => {
.expect(200);
});

it('should hasCustomOriginHandler set to false', () => {
return app.httpRequest()
.get('/config')
.expect({ hasCustomOriginHandler: false })
.expect(200);
});

it('should not set `Access-Control-Allow-Origin` to request origin header', () => {
app.httpRequest()
.get('/')
Expand Down
7 changes: 7 additions & 0 deletions test/cors.origin-function.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,13 @@ describe('test/cors.origin-function.test.js', () => {
.expect(200);
});

it('should hasCustomOriginHandler set to true', () => {
return app.httpRequest()
.get('/config')
.expect({ hasCustomOriginHandler: true })
.expect(200);
});

it('should set `Access-Control-Allow-Origin` to request origin header', () => {
return app.httpRequest()
.get('/')
Expand Down
6 changes: 6 additions & 0 deletions test/fixtures/apps/cors-default-config/app/router.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ module.exports = app => {
};
});

app.get('/config', async ctx => {
ctx.body = {
hasCustomOriginHandler: ctx.app.config.cors.hasCustomOriginHandler,
};
});

app.post('/', async ctx => {
ctx.body = {
foo: 'bar',
Expand Down
6 changes: 6 additions & 0 deletions test/fixtures/apps/cors.origin-function/app/router.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ module.exports = app => {
};
});

app.get('/config', async ctx => {
ctx.body = {
hasCustomOriginHandler: ctx.app.config.cors.hasCustomOriginHandler,
};
});

app.post('/', async ctx => {
ctx.body = {
foo: 'bar',
Expand Down

0 comments on commit b446a98

Please sign in to comment.