diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/server/support/OriginHandshakeInterceptorTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/server/support/OriginHandshakeInterceptorTests.java index 94930edf75..5cf1bdc768 100644 --- a/spring-websocket/src/test/java/org/springframework/web/socket/server/support/OriginHandshakeInterceptorTests.java +++ b/spring-websocket/src/test/java/org/springframework/web/socket/server/support/OriginHandshakeInterceptorTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 the original author or authors. + * Copyright 2002-2019 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -61,7 +61,7 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests { Map attributes = new HashMap<>(); WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class); this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain1.com"); - List allowed = Collections.singletonList("/QTifZ/"); + List allowed = Collections.singletonList("https://mydomain2.com"); OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(allowed); assertFalse(interceptor.beforeHandshake(request, response, wsHandler, attributes)); assertEquals(servletResponse.getStatus(), HttpStatus.FORBIDDEN.value()); @@ -71,8 +71,8 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests { public void originListMatch() throws Exception { Map attributes = new HashMap<>(); WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class); - this.servletRequest.addHeader(HttpHeaders.ORIGIN, "/QTifZ/"); - List allowed = Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"); + this.servletRequest.addHeader(HttpHeaders.ORIGIN, "https://mydomain2.com"); + List allowed = Arrays.asList("https://mydomain1.com", "https://mydomain2.com", "http://mydomain3.com"); OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(allowed); assertTrue(interceptor.beforeHandshake(request, response, wsHandler, attributes)); assertNotEquals(servletResponse.getStatus(), HttpStatus.FORBIDDEN.value()); @@ -83,7 +83,7 @@ public class OriginHandshakeInterceptorTests extends AbstractHttpRequestTests { Map attributes = new HashMap<>(); WebSocketHandler wsHandler = Mockito.mock(WebSocketHandler.class); this.servletRequest.addHeader(HttpHeaders.ORIGIN, "http://www.mydomain4.com/"); - List allowed = Arrays.asList("https://mydomain1.com", "/QTifZ/", "http://mydomain3.com"); + List allowed = Arrays.asList("https://mydomain1.com", "https://mydomain2.com", "http://mydomain3.com"); OriginHandshakeInterceptor interceptor = new OriginHandshakeInterceptor(allowed); assertFalse(interceptor.beforeHandshake(request, response, wsHandler, attributes)); assertEquals(servletResponse.getStatus(), HttpStatus.FORBIDDEN.value());