Update rack-cors and fix tests for changes in behaviour

2017-07-31 21:55:01 +01:00 · 2017-07-31 21:55:01 +01:00 · 8c513beec6
commit 8c513beec6
parent aa821971dd
2 changed files with 13 additions and 8 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -225,7 +225,7 @@ GEM
    public_suffix (2.0.5)
    r2 (0.2.6)
    rack (2.0.3)
-    rack-cors (0.4.1)
+    rack-cors (1.0.1)
    rack-openid (1.3.1)
      rack (>= 1.1.0)
      ruby-openid (>= 2.1.8)
--- a/test/integration/cors_test.rb
+++ b/test/integration/cors_test.rb
@ -8,15 +8,20 @@ class CORSTest < ActionDispatch::IntegrationTest
    }

    assert_response :success
-    assert_equal "http://www.example.com", response.headers["Access-Control-Allow-Origin"]
+    assert_equal "*", response.headers["Access-Control-Allow-Origin"]
+    assert_equal "text/plain", response.content_type
+    assert_equal "", response.body
  end

  def test_non_api_routes_dont_allow_cross_origin_requests
-    assert_raises ActionController::RoutingError do
-      process :options, "/", :headers => {
-        "HTTP_ORIGIN" => "http://www.example.com",
-        "HTTP_ACCESS_CONTROL_REQUEST_METHOD" => "GET"
-      }
-    end
+    process :options, "/", :headers => {
+      "HTTP_ORIGIN" => "http://www.example.com",
+      "HTTP_ACCESS_CONTROL_REQUEST_METHOD" => "GET"
+    }
+
+    assert_response :success
+    assert_nil response.headers["Access-Control-Allow-Origin"]
+    assert_nil response.content_type
+    assert_equal "", response.body
  end
 end