Fix broken origin_whitelist option #1641
This commit is contained in:
parent
0d7e580133
commit
d783aa7ba3
|
@ -34,7 +34,7 @@ module Rack
|
|||
return true if options[:allow_if] && options[:allow_if].call(env)
|
||||
|
||||
if options.key? :origin_whitelist
|
||||
warn "Rack::Protection origin_whitelist option is deprecated and will be removed, " \
|
||||
warn env, "Rack::Protection origin_whitelist option is deprecated and will be removed, " \
|
||||
"use permitted_origins instead.\n"
|
||||
end
|
||||
|
||||
|
|
|
@ -35,12 +35,20 @@ describe Rack::Protection::HttpOrigin do
|
|||
expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://malicious.com')).not_to be_ok
|
||||
end
|
||||
|
||||
it "accepts #{method} requests with whitelisted Origin" do
|
||||
it "accepts #{method} requests with permitted Origin" do
|
||||
mock_app do
|
||||
use Rack::Protection::HttpOrigin, permitted_origins: ['http://www.friend.com']
|
||||
run DummyApp
|
||||
end
|
||||
expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://www.friend.com')).to be_ok
|
||||
end
|
||||
|
||||
it "accepts #{method} requests with whitelisted Origin" do
|
||||
mock_app do
|
||||
use Rack::Protection::HttpOrigin, origin_whitelist: ['http://www.friend.com']
|
||||
run DummyApp
|
||||
end
|
||||
expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://www.friend.com')).to be_ok
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue