summary refs log tree commit diff
path: root/tests/test_server.py
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2020-05-22 17:42:39 +0100
committerGitHub <noreply@github.com>2020-05-22 17:42:39 +0100
commit2901f54359bba1ccbe2aac52fd9ff255aa6072b7 (patch)
tree3dc677dde57f69137552a5981abd7859270e55b0 /tests/test_server.py
parentAdd option to move event persistence off master (#7517) (diff)
downloadsynapse-2901f54359bba1ccbe2aac52fd9ff255aa6072b7.tar.xz
Fix missing CORS headers on OPTION responses (#7560)
Broke in #7534.
Diffstat (limited to 'tests/test_server.py')
-rw-r--r--tests/test_server.py28
1 files changed, 28 insertions, 0 deletions
diff --git a/tests/test_server.py b/tests/test_server.py
index 437f925bf9..e9a43b1e45 100644
--- a/tests/test_server.py
+++ b/tests/test_server.py
@@ -203,12 +203,40 @@ class OptionsResourceTests(unittest.TestCase):
         self.assertEqual(channel.result["code"], b"200")
         self.assertEqual(channel.result["body"], b"{}")
 
+        # Ensure the correct CORS headers have been added
+        self.assertTrue(
+            channel.headers.hasHeader(b"Access-Control-Allow-Origin"),
+            "has CORS Origin header",
+        )
+        self.assertTrue(
+            channel.headers.hasHeader(b"Access-Control-Allow-Methods"),
+            "has CORS Methods header",
+        )
+        self.assertTrue(
+            channel.headers.hasHeader(b"Access-Control-Allow-Headers"),
+            "has CORS Headers header",
+        )
+
     def test_known_options_request(self):
         """An OPTIONS requests to an known URL still returns 200 OK."""
         channel = self._make_request(b"OPTIONS", b"/res/")
         self.assertEqual(channel.result["code"], b"200")
         self.assertEqual(channel.result["body"], b"{}")
 
+        # Ensure the correct CORS headers have been added
+        self.assertTrue(
+            channel.headers.hasHeader(b"Access-Control-Allow-Origin"),
+            "has CORS Origin header",
+        )
+        self.assertTrue(
+            channel.headers.hasHeader(b"Access-Control-Allow-Methods"),
+            "has CORS Methods header",
+        )
+        self.assertTrue(
+            channel.headers.hasHeader(b"Access-Control-Allow-Headers"),
+            "has CORS Headers header",
+        )
+
     def test_unknown_request(self):
         """A non-OPTIONS request to an unknown URL should 404."""
         channel = self._make_request(b"GET", b"/foo/")