krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-17 22:57:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(api): Allow x-client to be set in cors middleware (#8117)

Browse Source 
* fix(api): Allow x-client to be set in cors middleware

* chore: update cors middlware tests
This commit is contained in:
Blade Barringer
2016-10-10 17:35:00 -05:00
committed by GitHub
parent 578dee59bd
commit 8db6b7c6cb
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
test/api/v3/unit/middlewares/cors.test.js
View File

@@ -20,7 +20,7 @@ describe('cors middleware', () => {
expect(res.set).to.have.been.calledWith({ expect(res.set).to.have.been.calledWith({
'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,GET,POST,PUT,HEAD,DELETE', 'Access-Control-Allow-Methods': 'OPTIONS,GET,POST,PUT,HEAD,DELETE',
'Access-Control-Allow-Headers': 'Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key', 'Access-Control-Allow-Headers': 'Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key,x-client',
}); });
expect(res.sendStatus).to.not.have.been.called; expect(res.sendStatus).to.not.have.been.called;
expect(next).to.have.been.called.once; expect(next).to.have.been.called.once;
@@ -32,7 +32,7 @@ describe('cors middleware', () => {
expect(res.set).to.have.been.calledWith({ expect(res.set).to.have.been.calledWith({
'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'OPTIONS,GET,POST,PUT,HEAD,DELETE', 'Access-Control-Allow-Methods': 'OPTIONS,GET,POST,PUT,HEAD,DELETE',
'Access-Control-Allow-Headers': 'Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key', 'Access-Control-Allow-Headers': 'Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key,x-client',
}); });
expect(res.sendStatus).to.have.been.calledWith(200); expect(res.sendStatus).to.have.been.calledWith(200);
expect(next).to.not.have.been.called; expect(next).to.not.have.been.called;

2
website/server/middlewares/cors.js
View File

@@ -2,7 +2,7 @@ module.exports = function corsMiddleware (req, res, next) {
res.set({ res.set({
'Access-Control-Allow-Origin': req.header('origin') || '*', 'Access-Control-Allow-Origin': req.header('origin') || '*',
'Access-Control-Allow-Methods': 'OPTIONS,GET,POST,PUT,HEAD,DELETE', 'Access-Control-Allow-Methods': 'OPTIONS,GET,POST,PUT,HEAD,DELETE',
'Access-Control-Allow-Headers': 'Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key', 'Access-Control-Allow-Headers': 'Content-Type,Accept,Content-Encoding,X-Requested-With,x-api-user,x-api-key,x-client',
}); });
if (req.method === 'OPTIONS') return res.sendStatus(200); if (req.method === 'OPTIONS') return res.sendStatus(200);
return next(); return next();