Make DefaultCorsProcessor Servlet 2.5 compliant
This commit adds CORS related headers to HttpHeaders and update DefaultCorsProcessor implementation to use ServerHttpRequest and ServerHttpResponse instead of HttpServletRequest and HttpServletResponse. Usage of ServerHttpResponse allows to avoid using Servlet 3.0 specific methods in order keep CORS support Servlet 2.5 compliant. Issue: SPR-12885
This commit is contained in:
@@ -66,7 +66,7 @@ public class CorsAbstractHandlerMappingTests {
|
||||
this.request.setMethod(RequestMethod.GET.name());
|
||||
this.request.setRequestURI("/notcors");
|
||||
this.request.addHeader(HttpHeaders.ORIGIN, "http://domain2.com/test.html");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
HandlerExecutionChain chain = handlerMapping.getHandler(this.request);
|
||||
assertTrue(chain.getHandler() instanceof SimpleHandler);
|
||||
}
|
||||
@@ -76,7 +76,7 @@ public class CorsAbstractHandlerMappingTests {
|
||||
this.request.setMethod(RequestMethod.OPTIONS.name());
|
||||
this.request.setRequestURI("/notcors");
|
||||
this.request.addHeader(HttpHeaders.ORIGIN, "http://domain2.com/test.html");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
HandlerExecutionChain chain = handlerMapping.getHandler(this.request);
|
||||
assertTrue(chain.getHandler() instanceof SimpleHandler);
|
||||
}
|
||||
@@ -86,7 +86,7 @@ public class CorsAbstractHandlerMappingTests {
|
||||
this.request.setMethod(RequestMethod.GET.name());
|
||||
this.request.setRequestURI("/cors");
|
||||
this.request.addHeader(HttpHeaders.ORIGIN, "http://domain2.com/test.html");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
HandlerExecutionChain chain = handlerMapping.getHandler(this.request);
|
||||
assertTrue(chain.getHandler() instanceof CorsAwareHandler);
|
||||
CorsConfiguration config = getCorsConfiguration(chain, false);
|
||||
@@ -99,7 +99,7 @@ public class CorsAbstractHandlerMappingTests {
|
||||
this.request.setMethod(RequestMethod.OPTIONS.name());
|
||||
this.request.setRequestURI("/cors");
|
||||
this.request.addHeader(HttpHeaders.ORIGIN, "http://domain2.com/test.html");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
HandlerExecutionChain chain = handlerMapping.getHandler(this.request);
|
||||
assertNotNull(chain.getHandler());
|
||||
assertTrue(chain.getHandler().getClass().getSimpleName().equals("PreFlightHandler"));
|
||||
|
||||
@@ -25,7 +25,6 @@ import org.junit.Test;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.mock.web.test.MockHttpServletRequest;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.cors.CorsUtils;
|
||||
import org.springframework.web.servlet.mvc.condition.ConsumesRequestCondition;
|
||||
import org.springframework.web.servlet.mvc.condition.HeadersRequestCondition;
|
||||
import org.springframework.web.servlet.mvc.condition.ParamsRequestCondition;
|
||||
@@ -321,7 +320,7 @@ public class RequestMappingInfoTests {
|
||||
public void preFlightRequest() {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("OPTIONS", "/foo");
|
||||
request.addHeader(HttpHeaders.ORIGIN, "http://domain.com");
|
||||
request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "POST");
|
||||
request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "POST");
|
||||
|
||||
RequestMappingInfo info = new RequestMappingInfo(
|
||||
new PatternsRequestCondition("/foo"), new RequestMethodsRequestCondition(RequestMethod.POST), null,
|
||||
|
||||
@@ -32,7 +32,6 @@ import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.cors.CorsUtils;
|
||||
import org.springframework.web.servlet.HandlerExecutionChain;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
import org.springframework.web.servlet.mvc.condition.ConsumesRequestCondition;
|
||||
@@ -138,7 +137,7 @@ public class CrossOriginTests {
|
||||
public void preFlightRequest() throws Exception {
|
||||
this.handlerMapping.registerHandler(new MethodLevelController());
|
||||
this.request.setMethod("OPTIONS");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.setRequestURI("/default");
|
||||
HandlerExecutionChain chain = this.handlerMapping.getHandler(request);
|
||||
CorsConfiguration config = getCorsConfiguration(chain, true);
|
||||
@@ -155,8 +154,8 @@ public class CrossOriginTests {
|
||||
public void ambiguousHeaderPreFlightRequest() throws Exception {
|
||||
this.handlerMapping.registerHandler(new MethodLevelController());
|
||||
this.request.setMethod("OPTIONS");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_HEADERS, "header1");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS, "header1");
|
||||
this.request.setRequestURI("/ambiguous-header");
|
||||
HandlerExecutionChain chain = this.handlerMapping.getHandler(request);
|
||||
CorsConfiguration config = getCorsConfiguration(chain, true);
|
||||
@@ -173,7 +172,7 @@ public class CrossOriginTests {
|
||||
public void ambiguousProducesPreFlightRequest() throws Exception {
|
||||
this.handlerMapping.registerHandler(new MethodLevelController());
|
||||
this.request.setMethod("OPTIONS");
|
||||
this.request.addHeader(CorsUtils.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
|
||||
this.request.setRequestURI("/ambiguous-produces");
|
||||
HandlerExecutionChain chain = this.handlerMapping.getHandler(request);
|
||||
CorsConfiguration config = getCorsConfiguration(chain, true);
|
||||
|
||||
Reference in New Issue
Block a user