You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by ra...@apache.org on 2017/06/30 17:00:05 UTC
[incubator-openwhisk] branch master updated: Display CORS Headers
for Non-Options Requests (Review) (#2444)
This is an automated email from the ASF dual-hosted git repository.
rabbah pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk.git
The following commit(s) were added to refs/heads/master by this push:
new 08bb565 Display CORS Headers for Non-Options Requests (Review) (#2444)
08bb565 is described below
commit 08bb5658fbe7f509a5bece12905b8f3745240dcd
Author: James Dubee <jw...@us.ibm.com>
AuthorDate: Fri Jun 30 13:00:00 2017 -0400
Display CORS Headers for Non-Options Requests (Review) (#2444)
---
.../scala/whisk/core/controller/WebActions.scala | 16 +++++------
tests/dat/actions/corsHeaderMod.js | 5 +++-
.../whisk/core/cli/test/WskWebActionsTests.scala | 33 ++++++++++++++++++++--
.../core/controller/test/WebActionsApiTests.scala | 13 ++++++---
4 files changed, 51 insertions(+), 16 deletions(-)
diff --git a/core/controller/src/main/scala/whisk/core/controller/WebActions.scala b/core/controller/src/main/scala/whisk/core/controller/WebActions.scala
index c05c4c0..a7cefab 100644
--- a/core/controller/src/main/scala/whisk/core/controller/WebActions.scala
+++ b/core/controller/src/main/scala/whisk/core/controller/WebActions.scala
@@ -413,16 +413,16 @@ trait WhiskWebActionsApi
provide(fullyQualifiedActionName(actionName)) { fullActionName =>
onComplete(verifyWebAction(fullActionName, onBehalfOf.isDefined)) {
case Success((actionOwnerIdentity, action)) =>
- context.method match {
- // if options method and action opted into default response, send standard response
- case OPTIONS if !action.annotations.asBool("web-custom-options").exists(identity) =>
- respondWithHeaders(allowOrigin, allowMethods) {
+ if (!action.annotations.asBool("web-custom-options").exists(identity)) {
+ respondWithHeaders(allowOrigin, allowMethods) {
+ if (context.method == OPTIONS) {
complete(OK, HttpEntity.Empty)
+ } else {
+ extractEntityAndProcessRequest(actionOwnerIdentity, action, extension, onBehalfOf, context, e)
}
-
- // otherwise not an options method, or action will respond to options verb
- case _ =>
- extractEntityAndProcessRequest(actionOwnerIdentity, action, extension, onBehalfOf, context, e)
+ }
+ } else {
+ extractEntityAndProcessRequest(actionOwnerIdentity, action, extension, onBehalfOf, context, e)
}
case Failure(t: RejectRequest) =>
diff --git a/tests/dat/actions/corsHeaderMod.js b/tests/dat/actions/corsHeaderMod.js
index b85b4a1..a658160 100644
--- a/tests/dat/actions/corsHeaderMod.js
+++ b/tests/dat/actions/corsHeaderMod.js
@@ -2,7 +2,10 @@ function main() {
return {
headers: {
"Access-Control-Allow-Origin": "Origin set from Web Action",
- "Access-Control-Allow-Headers": "Headers set from Web Action"
+ "Access-Control-Allow-Headers": "Headers set from Web Action",
+ "Access-Control-Allow-Methods": "Methods set from Web Action",
+ "Location": "openwhisk.org",
+ "Set-Cookie": "cookie-cookie-cookie"
},
code: 200
}
diff --git a/tests/src/test/scala/whisk/core/cli/test/WskWebActionsTests.scala b/tests/src/test/scala/whisk/core/cli/test/WskWebActionsTests.scala
index f1f584e..5983a99 100644
--- a/tests/src/test/scala/whisk/core/cli/test/WskWebActionsTests.scala
+++ b/tests/src/test/scala/whisk/core/cli/test/WskWebActionsTests.scala
@@ -215,19 +215,46 @@ trait WskWebActionsTests
(wp, assetHelper) =>
val name = "webaction"
val file = Some(TestUtils.getTestActionFilename("corsHeaderMod.js"))
+ val host = getServiceURL()
+ val url = host + s"$testRoutePath/$namespace/default/webaction.http"
assetHelper.withCleaner(wsk.action, name) {
(action, _) =>
action.create(name, file, web = Some("true"), annotations = Map("web-custom-options" -> true.toJson))
}
- val host = getServiceURL()
- val url = host + s"$testRoutePath/$namespace/default/webaction.http"
-
val response = RestAssured.given().config(sslconfig).options(url)
+
response.statusCode shouldBe 200
response.header("Access-Control-Allow-Origin") shouldBe "Origin set from Web Action"
response.header("Access-Control-Allow-Headers") shouldBe "Headers set from Web Action"
+ response.header("Access-Control-Allow-Methods") shouldBe "Methods set from Web Action"
+ response.header("Location") shouldBe "openwhisk.org"
+ response.header("Set-Cookie") shouldBe "cookie-cookie-cookie"
+ }
+
+ it should "ensure that default CORS header is preserved" in withAssetCleaner(wskprops) {
+ (wp, assetHelper) =>
+ val name = "webaction"
+ val file = Some(TestUtils.getTestActionFilename("corsHeaderMod.js"))
+ val host = getServiceURL()
+ val url = host + s"$testRoutePath/$namespace/default/webaction"
+
+ assetHelper.withCleaner(wsk.action, name) {
+ (action, _) =>
+ action.create(name, file, web = Some("true"))
+ }
+
+ val responses = Seq(RestAssured.given().config(sslconfig).options(s"$url.http"),
+ RestAssured.given().config(sslconfig).get(s"$url.json"))
+
+ responses.foreach { response =>
+ response.statusCode shouldBe 200
+ response.header("Access-Control-Allow-Origin") shouldBe "*"
+ response.header("Access-Control-Allow-Methods") shouldBe "OPTIONS, GET, DELETE, POST, PUT, HEAD, PATCH"
+ response.header("Location") shouldBe null
+ response.header("Set-Cookie") shouldBe null
+ }
}
it should "invoke web action to ensure the returned body argument is correct" in withAssetCleaner(wskprops) {
diff --git a/tests/src/test/scala/whisk/core/controller/test/WebActionsApiTests.scala b/tests/src/test/scala/whisk/core/controller/test/WebActionsApiTests.scala
index 9a4dc92..307a31c 100644
--- a/tests/src/test/scala/whisk/core/controller/test/WebActionsApiTests.scala
+++ b/tests/src/test/scala/whisk/core/controller/test/WebActionsApiTests.scala
@@ -1131,13 +1131,18 @@ trait WebActionsApiTests extends ControllerTestCommon with BeforeAndAfterEach wi
implicit val tid = transid()
customOptions = false
- Seq(s"$systemId/proxy/export_c.http").
+ Seq(s"$systemId/proxy/export_c.http", s"$systemId/proxy/export_c.json?a=b&c=d").
foreach { path =>
- Options(s"$testRoutePath/$path") ~> sealRoute(routes(creds)) ~> check {
- header("Access-Control-Allow-Origin").get.toString shouldBe "Access-Control-Allow-Origin: *"
- header("Access-Control-Allow-Methods").get.toString shouldBe "Access-Control-Allow-Methods: OPTIONS, GET, DELETE, POST, PUT, HEAD, PATCH"
+ allowedMethods.foreach { m =>
+ invocationsAllowed += 1
+ m(s"$testRoutePath/$path") ~> sealRoute(routes(creds)) ~> check {
+ header("Access-Control-Allow-Origin").get.toString shouldBe "Access-Control-Allow-Origin: *"
+ header("Access-Control-Allow-Methods").get.toString shouldBe "Access-Control-Allow-Methods: OPTIONS, GET, DELETE, POST, PUT, HEAD, PATCH"
+ }
}
}
+
+ invocationsAllowed -= 2 // Options request does not cause invocation of an action
}
it should s"invoke action with head verb (auth? ${creds.isDefined})" in {
--
To stop receiving notification emails like this one, please contact
['"commits@openwhisk.apache.org" <co...@openwhisk.apache.org>'].