mirror of
https://github.com/scratchfoundation/restify-cors-middleware.git
synced 2024-12-18 20:02:22 -05:00
add test for checking for duplicate allow headers
This commit is contained in:
parent
397d6f7279
commit
0217b82729
1 changed files with 20 additions and 0 deletions
|
@ -125,4 +125,24 @@ describe('CORS: preflight requests', function () {
|
|||
.expect(204)
|
||||
.end(done)
|
||||
})
|
||||
|
||||
it('[Not in spec] The Allow-Headers should not contain duplicates', function (done) {
|
||||
var server = test.corsServer({
|
||||
origins: ['http://api.myapp.com', 'http://www.myapp.com']
|
||||
})
|
||||
request(server)
|
||||
.options('/test')
|
||||
.set('Origin', 'http://api.myapp.com')
|
||||
.set('Access-Control-Request-Method', 'GET')
|
||||
.expect(204)
|
||||
.then(function (request) {
|
||||
var allowHeaders = request.headers['access-control-allow-headers'].split(', ')
|
||||
|
||||
if (((new Set(allowHeaders)).size !== allowHeaders.length)) {
|
||||
return done(new Error('duplicate header detected'))
|
||||
}
|
||||
|
||||
done(null)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
|
Loading…
Reference in a new issue