Consolidate CORS/OPTIONS request mapping
The CORS pre-flight request matching logic for all request conditions was added (in 4.2) to RequestMappingInfo. However the logic for default handling of all HTTP OPTIONS requests for 4.3 unintentionally overrode some of the pre-flight request handling thus causing issues. This commit moves CORS pre-flight matching logic into each respective RequestMethodCondition implementations so each has to consider in one place what happens for pre-flight and for all other requests. Issue: SPR-13130
This commit is contained in:
@@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.mock.web.test.MockHttpServletRequest;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
@@ -29,10 +30,12 @@ import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.DELETE;
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.GET;
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.HEAD;
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.OPTIONS;
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.POST;
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.PUT;
|
||||
|
||||
/**
|
||||
* @author Arjen Poutsma
|
||||
@@ -73,6 +76,17 @@ public class RequestMethodsRequestConditionTests {
|
||||
assertNull(new RequestMethodsRequestCondition(GET, POST).getMatchingCondition(request));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getMatchingConditionWithCorsPreFlight() throws Exception {
|
||||
MockHttpServletRequest request = new MockHttpServletRequest("OPTIONS", "");
|
||||
request.addHeader("Origin", "http://example.com");
|
||||
request.addHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "PUT");
|
||||
|
||||
assertNotNull(new RequestMethodsRequestCondition().getMatchingCondition(request));
|
||||
assertNotNull(new RequestMethodsRequestCondition(PUT).getMatchingCondition(request));
|
||||
assertNull(new RequestMethodsRequestCondition(DELETE).getMatchingCondition(request));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void compareTo() {
|
||||
RequestMethodsRequestCondition c1 = new RequestMethodsRequestCondition(GET, HEAD);
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2015 the original author or authors.
|
||||
* Copyright 2002-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -332,7 +332,7 @@ public class RequestMappingInfoTests {
|
||||
new PatternsRequestCondition("/foo"), new RequestMethodsRequestCondition(RequestMethod.OPTIONS), null,
|
||||
null, null, null, null);
|
||||
match = info.getMatchingCondition(request);
|
||||
assertNotNull(match);
|
||||
assertNull("Pre-flight should match the ACCESS_CONTROL_REQUEST_METHOD", match);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user