-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Expand file tree
/
Copy pathcross-origin-request.test.js
More file actions
118 lines (98 loc) · 3.2 KB
/
cross-origin-request.test.js
File metadata and controls
118 lines (98 loc) · 3.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
"use strict";
const webpack = require("webpack");
const Server = require("../../lib/Server");
const config = require("../fixtures/client-config/webpack.config");
const runBrowser = require("../helpers/run-browser");
const [port1, port2] = require("../ports-map")["cross-origin-request"];
describe("cross-origin requests", () => {
const devServerPort = port1;
const htmlServerPort = port2;
const htmlServerHost = "127.0.0.1";
it("should return 403 for cross-origin no-cors non-module script tag requests", async () => {
const compiler = webpack(config);
const devServerOptions = {
port: devServerPort,
allowedHosts: "auto",
};
const server = new Server(devServerOptions, compiler);
await server.start();
// Start a separate server for serving the HTML file
const http = require("http");
const htmlServer = http.createServer((req, res) => {
res.writeHead(200, { "Content-Type": "text/html" });
res.end(`
<html>
<head>
<script src="http://localhost:${devServerPort}/main.js"></script>
</head>
<body></body>
</html>
`);
});
htmlServer.listen(htmlServerPort, htmlServerHost);
const { page, browser } = await runBrowser();
try {
const pageErrors = [];
page.on("pageerror", (error) => {
pageErrors.push(error);
});
const scriptTagRequest = page.waitForResponse(
`http://localhost:${devServerPort}/main.js`
);
await page.goto(`http://${htmlServerHost}:${htmlServerPort}`);
const response = await scriptTagRequest;
expect(response.status()).toBe(403);
} catch (error) {
throw error;
} finally {
await browser.close();
await server.stop();
htmlServer.close();
}
});
it("should return 200 for cross-origin cors non-module script tag requests", async () => {
const compiler = webpack(config);
const devServerOptions = {
port: devServerPort,
allowedHosts: "auto",
headers: {
"Access-Control-Allow-Origin": "*",
},
};
const server = new Server(devServerOptions, compiler);
await server.start();
// Start a separate server for serving the HTML file
const http = require("http");
const htmlServer = http.createServer((req, res) => {
res.writeHead(200, { "Content-Type": "text/html" });
res.end(`
<html>
<head>
<script src="http://localhost:${devServerPort}/main.js" crossorigin></script>
</head>
<body></body>
</html>
`);
});
htmlServer.listen(htmlServerPort, htmlServerHost);
const { page, browser } = await runBrowser();
try {
const pageErrors = [];
page.on("pageerror", (error) => {
pageErrors.push(error);
});
const scriptTagRequest = page.waitForResponse(
`http://localhost:${devServerPort}/main.js`
);
await page.goto(`http://${htmlServerHost}:${htmlServerPort}`);
const response = await scriptTagRequest;
expect(response.status()).toBe(200);
} catch (error) {
throw error;
} finally {
await browser.close();
await server.stop();
htmlServer.close();
}
});
});