Fixed CORS middleware unit test

refs https://github.com/TryGhost/Toolbox/issues/461

- The unit test was never using the "OPTIONS" request method, which did not actually trigger the full logic of the "cors" module used under the hood.
- Using the correct request method triggers all the right pathways and tests the state that's closer to the real world - for example the response does get "ended" instead of calling the "next" middleware.
This commit is contained in:
Naz 2022-11-03 11:10:46 +08:00
parent c5ad1b0531
commit 9b2e36e4fb
No known key found for this signature in database

View File

@ -13,6 +13,7 @@ describe('cors', function () {
beforeEach(function () { beforeEach(function () {
req = { req = {
method: 'OPTIONS',
headers: { headers: {
origin: null origin: null
}, },
@ -26,7 +27,8 @@ describe('cors', function () {
vary: sinon.spy(), vary: sinon.spy(),
setHeader: function (h, v) { setHeader: function (h, v) {
this.headers[h] = v; this.headers[h] = v;
} },
end: sinon.spy()
}; };
next = sinon.spy(); next = sinon.spy();
@ -58,7 +60,7 @@ describe('cors', function () {
cors(req, res, next); cors(req, res, next);
next.called.should.be.true(); res.end.called.should.be.true();
res.headers['Access-Control-Allow-Origin'].should.equal(origin); res.headers['Access-Control-Allow-Origin'].should.equal(origin);
done(); done();
@ -73,7 +75,7 @@ describe('cors', function () {
cors(req, res, next); cors(req, res, next);
next.called.should.be.true(); res.end.called.should.be.true();
res.headers['Access-Control-Allow-Origin'].should.equal(origin); res.headers['Access-Control-Allow-Origin'].should.equal(origin);
done(); done();
@ -105,7 +107,7 @@ describe('cors', function () {
cors(req, res, next); cors(req, res, next);
next.called.should.be.true(); res.end.called.should.be.true();
res.headers['Access-Control-Allow-Origin'].should.equal(origin); res.headers['Access-Control-Allow-Origin'].should.equal(origin);
done(); done();
@ -127,7 +129,7 @@ describe('cors', function () {
cors(req, res, next); cors(req, res, next);
next.called.should.be.true(); res.end.called.should.be.true();
res.headers['Access-Control-Allow-Origin'].should.equal(origin); res.headers['Access-Control-Allow-Origin'].should.equal(origin);
done(); done();