scube/scube-server
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
scube-server/spec/integration/api/cross_origin_request_spec.rb
Thibault Jouan 342f9c5aa4 Refactor API CORS specs
2015-05-03 22:46:12 +00:00

34 lines
1.1 KiB
Ruby
Raw Blame History

describe 'API cross origin request' do
include AcceptanceHelpers
let(:user) { api_sign_in }
let(:origin) { 'http://origin.example/' }
before { user } # sign in
it 'responds to preflight request' do
options api_playlists_path(format: :json), nil, 'Origin' => origin
expect(response.headers).to include(
'Access-Control-Allow-Origin' => origin,
'Access-Control-Allow-Credentials' => 'true',
'Access-Control-Allow-Methods' => 'GET, POST, PUT, DELETE',
'Access-Control-Allow-Headers' =>
'Content-Type, Content-Length, X-Requested-With'
)
end
it 'responds to basic request' do
get api_playlists_path(format: :json), nil, 'Origin' => origin
expect(response.headers).to include(
'Access-Control-Allow-Origin' => origin,
'Access-Control-Allow-Credentials' => 'true',
'Access-Control-Expose-Headers' => 'Content-Length'
)
end
it 'responds to request without origin' do
get api_playlists_path format: :json
expect(response.headers['Access-Control-Allow-Origin']).to eq ''
end
end
Reference in New Issue View Git Blame Copy Permalink