fix: CORS wildcard subdomain matching cache race condition (#7736)
test: add HTTPS test cases for CORS wildcard subdomain matching This adds comprehensive test coverage for HTTPS subdomain wildcard matching in TestMatchesOrigin: - https exact match - https no match - https wildcard subdomain match - https wildcard subdomain no match (base domain) - https wildcard subdomain no match (different domain) - protocol mismatch tests (http pattern vs https origin and vice versa) The matchWildcard function was already working correctly - this just adds test coverage for the HTTPS cases that were previously untested. Note: The cache invalidation is already handled synchronously by setBucketMetadata() which is called via: - UpdateBucketCORS -> UpdateBucketMetadata -> setBucketMetadata - ClearBucketCORS -> UpdateBucketMetadata -> setBucketMetadata Added clarifying comments to document this call chain.
This commit is contained in:
Chris Lu
@@ -263,6 +263,49 @@ func TestMatchesOrigin(t *testing.T) {
|
||||
origin: "http://other.com",
|
||||
want: true,
|
||||
},
|
||||
// HTTPS test cases
|
||||
{
|
||||
name: "https exact match",
|
||||
allowedOrigins: []string{"https://example.com"},
|
||||
origin: "https://example.com",
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "https no match",
|
||||
allowedOrigins: []string{"https://example.com"},
|
||||
origin: "https://other.com",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "https wildcard subdomain match",
|
||||
allowedOrigins: []string{"https://*.example.com"},
|
||||
origin: "https://api.example.com",
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "https wildcard subdomain no match - base domain",
|
||||
allowedOrigins: []string{"https://*.example.com"},
|
||||
origin: "https://example.com",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "https wildcard subdomain no match - different domain",
|
||||
allowedOrigins: []string{"https://*.example.com"},
|
||||
origin: "https://api.other.com",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "protocol mismatch - http pattern https origin",
|
||||
allowedOrigins: []string{"http://*.example.com"},
|
||||
origin: "https://api.example.com",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "protocol mismatch - https pattern http origin",
|
||||
allowedOrigins: []string{"https://*.example.com"},
|
||||
origin: "http://api.example.com",
|
||||
want: false,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
@@ -480,7 +523,7 @@ func TestApplyHeaders(t *testing.T) {
|
||||
"Access-Control-Allow-Headers": "Content-Type",
|
||||
"Access-Control-Expose-Headers": "ETag",
|
||||
"Access-Control-Max-Age": "3600",
|
||||
"Vary": "Origin",
|
||||
"Vary": "Origin",
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -494,7 +537,7 @@ func TestApplyHeaders(t *testing.T) {
|
||||
"Access-Control-Allow-Origin": "http://example.com",
|
||||
"Access-Control-Allow-Methods": "GET",
|
||||
"Access-Control-Allow-Credentials": "true",
|
||||
"Vary": "Origin",
|
||||
"Vary": "Origin",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user