Polish URL Cleanup
This commit is contained in:
@@ -225,7 +225,7 @@ public class HandlersBeanDefinitionParserTests {
|
||||
assertThat(interceptors, contains(instanceOf(OriginHandshakeInterceptor.class)));
|
||||
assertTrue(transportService.shouldSuppressCors());
|
||||
assertTrue(transportService.getAllowedOrigins().contains("https://mydomain1.com"));
|
||||
assertTrue(transportService.getAllowedOrigins().contains("/QTifZ/"));
|
||||
assertTrue(transportService.getAllowedOrigins().contains("https://mydomain2.com"));
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -184,8 +184,8 @@ public class MessageBrokerBeanDefinitionParserTests {
|
||||
interceptors = defaultSockJsService.getHandshakeInterceptors();
|
||||
assertThat(interceptors, contains(instanceOf(FooTestInterceptor.class),
|
||||
instanceOf(BarTestInterceptor.class), instanceOf(OriginHandshakeInterceptor.class)));
|
||||
assertTrue(defaultSockJsService.getAllowedOrigins().contains("http://mydomain3.com"));
|
||||
assertTrue(defaultSockJsService.getAllowedOrigins().contains("http://www.mydomain4.com/"));
|
||||
assertTrue(defaultSockJsService.getAllowedOrigins().contains("https://mydomain3.com"));
|
||||
assertTrue(defaultSockJsService.getAllowedOrigins().contains("https://mydomain4.com"));
|
||||
|
||||
SimpUserRegistry userRegistry = this.appContext.getBean(SimpUserRegistry.class);
|
||||
assertNotNull(userRegistry);
|
||||
|
||||
@@ -117,7 +117,7 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests {
|
||||
public void sameOriginMatchWithEmptyAllowedOrigins() throws Exception {
|
||||
Map<String, Object> attributes = new HashMap<>();
|
||||
WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class);
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
|
||||
this.servletRequest.setServerName("mydomain2.com");
|
||||
OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(Collections.emptyList());
|
||||
assertTrue(interceptor.beforeHandshake(request, response, wsHandler, attributes));
|
||||
@@ -128,9 +128,9 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests {
|
||||
public void sameOriginMatchWithAllowedOrigins() throws Exception {
|
||||
Map<String, Object> attributes = new HashMap<>();
|
||||
WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class);
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
|
||||
this.servletRequest.setServerName("mydomain2.com");
|
||||
OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(Arrays.asList("https://mydomain1.com"));
|
||||
OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(Arrays.asList("http://mydomain1.com"));
|
||||
assertTrue(interceptor.beforeHandshake(request, response, wsHandler, attributes));
|
||||
assertNotEquals(servletResponse.getStatus(), HttpStatus.FORBIDDEN.value());
|
||||
}
|
||||
|
||||
@@ -114,7 +114,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
|
||||
@Test // SPR-12226 and SPR-12660
|
||||
public void handleInfoGetWithOrigin() throws IOException {
|
||||
this.servletRequest.setServerName("mydomain2.com");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
|
||||
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
|
||||
|
||||
assertEquals("application/json;charset=UTF-8", this.servletResponse.getContentType());
|
||||
@@ -125,17 +125,17 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
|
||||
assertEquals(",\"origins\":[\"*:*\"],\"cookie_needed\":true,\"websocket\":true}",
|
||||
body.substring(body.indexOf(',')));
|
||||
|
||||
this.service.setAllowedOrigins(Collections.singletonList("https://mydomain1.com"));
|
||||
this.service.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
|
||||
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
|
||||
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"));
|
||||
this.service.setAllowedOrigins(Arrays.asList("http://mydomain1.com", "http://mydomain2.com", "http://mydomain3.com"));
|
||||
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
|
||||
|
||||
this.service.setAllowedOrigins(Collections.singletonList("*"));
|
||||
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.OK);
|
||||
|
||||
this.servletRequest.setServerName("mydomain3.com");
|
||||
this.service.setAllowedOrigins(Collections.singletonList("https://mydomain1.com"));
|
||||
this.service.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
|
||||
resetResponseAndHandleRequest("GET", "/echo/info", HttpStatus.FORBIDDEN);
|
||||
}
|
||||
|
||||
@@ -176,17 +176,17 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
|
||||
@Test // SPR-12226 and SPR-12660
|
||||
public void handleInfoOptionsWithAllowedOrigin() {
|
||||
this.servletRequest.setServerName("mydomain2.com");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain2.com");
|
||||
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS, "Last-Modified");
|
||||
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
|
||||
assertNotNull(this.service.getCorsConfiguration(this.servletRequest));
|
||||
|
||||
this.service.setAllowedOrigins(Collections.singletonList("https://mydomain1.com"));
|
||||
this.service.setAllowedOrigins(Collections.singletonList("http://mydomain1.com"));
|
||||
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
|
||||
assertNotNull(this.service.getCorsConfiguration(this.servletRequest));
|
||||
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"));
|
||||
this.service.setAllowedOrigins(Arrays.asList("http://mydomain1.com", "http://mydomain2.com", "http://mydomain3.com"));
|
||||
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
|
||||
assertNotNull(this.service.getCorsConfiguration(this.servletRequest));
|
||||
|
||||
@@ -198,7 +198,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
|
||||
@Test // SPR-16304
|
||||
public void handleInfoOptionsWithForbiddenOrigin() {
|
||||
this.servletRequest.setServerName("mydomain3.com");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
|
||||
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.servletRequest.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS, "Last-Modified");
|
||||
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.FORBIDDEN);
|
||||
@@ -213,7 +213,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
|
||||
|
||||
@Test // SPR-12283
|
||||
public void handleInfoOptionsWithOriginAndCorsHeadersDisabled() {
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
|
||||
this.service.setAllowedOrigins(Collections.singletonList("*"));
|
||||
this.service.setSuppressCors(true);
|
||||
|
||||
@@ -225,7 +225,7 @@ public class SockJsServiceTests extends AbstractHttpRequestTests {
|
||||
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.FORBIDDEN);
|
||||
assertNull(this.service.getCorsConfiguration(this.servletRequest));
|
||||
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"));
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "https://mydomain2.com", "http://mydomain3.com"));
|
||||
resetResponseAndHandleRequest("OPTIONS", "/echo/info", HttpStatus.NO_CONTENT);
|
||||
assertNull(this.service.getCorsConfiguration(this.servletRequest));
|
||||
}
|
||||
|
||||
@@ -149,7 +149,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
|
||||
public void handleTransportRequestXhrAllowedOriginsMatch() throws Exception {
|
||||
String sockJsPath = sessionUrlPrefix + "xhr";
|
||||
setRequest("POST", sockJsPrefix + sockJsPath);
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/"));
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "https://mydomain2.com"));
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain1.com");
|
||||
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
|
||||
@@ -160,7 +160,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
|
||||
public void handleTransportRequestXhrAllowedOriginsNoMatch() throws Exception {
|
||||
String sockJsPath = sessionUrlPrefix + "xhr";
|
||||
setRequest("POST", sockJsPrefix + sockJsPath);
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "/QTifZ/"));
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com", "https://mydomain2.com"));
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://mydomain3.com");
|
||||
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
|
||||
@@ -172,7 +172,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
|
||||
String sockJsPath = sessionUrlPrefix + "xhr";
|
||||
setRequest("POST", sockJsPrefix + sockJsPath);
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com"));
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain1.com");
|
||||
this.servletRequest.setServerName("mydomain2.com");
|
||||
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
|
||||
@@ -184,7 +184,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
|
||||
String sockJsPath = sessionUrlPrefix + "invalid";
|
||||
setRequest("POST", sockJsPrefix + sockJsPath);
|
||||
this.service.setAllowedOrigins(Arrays.asList("https://mydomain1.com"));
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
|
||||
this.servletRequest.setServerName("mydomain2.com");
|
||||
this.service.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
|
||||
@@ -280,7 +280,7 @@ public class DefaultSockJsServiceTests extends AbstractHttpRequestTests {
|
||||
|
||||
resetRequestAndResponse();
|
||||
setRequest("GET", sockJsPrefix + sockJsPath);
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/");
|
||||
this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com");
|
||||
wsService.handleRequest(this.request, this.response, sockJsPath, this.wsHandler);
|
||||
assertEquals(403, this.servletResponse.getStatus());
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user