Introduce test for invalid @CrossOrigin.allowCredentials()

This commit is contained in:
Sam Brannen
2015-05-31 18:16:49 +02:00
parent 891d41c005
commit 72b44af862
2 changed files with 46 additions and 20 deletions

View File

@@ -328,15 +328,17 @@ public class RequestMappingHandlerMapping extends RequestMappingInfoHandlerMappi
for (String header : annotation.exposedHeaders()) {
config.addExposedHeader(header);
}
if (annotation.allowCredentials().equalsIgnoreCase("true")) {
String allowCredentials = annotation.allowCredentials();
if ("true".equalsIgnoreCase(allowCredentials)) {
config.setAllowCredentials(true);
}
else if (annotation.allowCredentials().equalsIgnoreCase("false")) {
else if ("false".equalsIgnoreCase(allowCredentials)) {
config.setAllowCredentials(false);
}
else if (!annotation.allowCredentials().isEmpty()) {
throw new IllegalStateException("AllowCredentials value must be \"true\", \"false\" " +
"or \"\" (empty string), current value is " + annotation.allowCredentials());
else if (!allowCredentials.isEmpty()) {
throw new IllegalStateException("@CrossOrigin's allowCredentials value must be \"true\", \"false\", "
+ "or an empty string (\"\"); current value is [" + allowCredentials + "].");
}
if (annotation.maxAge() != -1 && config.getMaxAge() == null) {
config.setMaxAge(annotation.maxAge());