Fix a typo in a CORS header

tommysitu · JohnFDavenport · commit 5e951965e078 · 2019-07-08T14:08:03.000+01:00
diff --git a/core/cors/cors.go b/core/cors/cors.go
@@ -32,7 +32,7 @@ func DefaultCORSConfigs() *Configs {
 // TODO provide config to pass through OPTIONS call
 // Intercept pre-flight request and return 200 response with CORS headers
 func (c *Configs) InterceptPreflightRequest(r *http.Request) *http.Response {
-	if r.Method != http.MethodOptions || r.Header.Get("Origin") == "" || r.Header.Get("Access-Control-Request-Methods") == "" {
+	if r.Method != http.MethodOptions || r.Header.Get("Origin") == "" || r.Header.Get("Access-Control-Request-Method") == "" {
 		return nil
 	}
 	resp := &http.Response{}
diff --git a/core/cors/cors_test.go b/core/cors/cors_test.go
@@ -15,7 +15,7 @@ func Test_InterceptPreflightRequest_ReturnSuccessResponseWithDefaultHeaders(t *t
 	r, err := http.NewRequest(http.MethodOptions, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
 	r.Header.Set("Origin", "http://originhost.com")
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	resp := unit.InterceptPreflightRequest(r)
 
 	Expect(resp).ToNot(BeNil())
@@ -37,7 +37,7 @@ func Test_InterceptPreflightRequest_ReturnNilIfRequestIsNotOptions(t *testing.T)
 	r, err := http.NewRequest(http.MethodGet, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
 	r.Header.Set("Origin", "http://originhost.com")
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	resp := unit.InterceptPreflightRequest(r)
 
 	Expect(resp).To(BeNil())
@@ -50,7 +50,7 @@ func Test_InterceptPreflightRequest_ReturnNilIfRequestHasNoOriginHeader(t *testi
 
 	r, err := http.NewRequest(http.MethodOptions, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	resp := unit.InterceptPreflightRequest(r)
 
 	Expect(resp).To(BeNil())
@@ -77,7 +77,7 @@ func Test_InterceptPreflightRequest_ShouldEchoAllowHeaders(t *testing.T) {
 	r, err := http.NewRequest(http.MethodOptions, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
 	r.Header.Set("Origin", "http://originhost.com")
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	r.Header.Set("Access-Control-Request-Headers", "X-PINGOTHER,Content-Type")
 	resp := unit.InterceptPreflightRequest(r)
 
@@ -95,7 +95,7 @@ func Test_InterceptPreflightRequest_ShouldNotSetAllowCredentialsHeaderIfFalse(t
 	r, err := http.NewRequest(http.MethodOptions, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
 	r.Header.Set("Origin", "http://originhost.com")
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	resp := unit.InterceptPreflightRequest(r)
 
 	Expect(resp).ToNot(BeNil())
@@ -112,7 +112,7 @@ func Test_InterceptPreflightRequest_UseDefaultAllowOriginValueIfAllowCredentials
 	r, err := http.NewRequest(http.MethodOptions, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
 	r.Header.Set("Origin", "http://originhost.com")
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	resp := unit.InterceptPreflightRequest(r)
 
 	Expect(resp).ToNot(BeNil())
diff --git a/core/hoverfly_test.go b/core/hoverfly_test.go
@@ -564,7 +564,7 @@ func Test_Hoverfly_processRequest_CanHandlePreflightRequestWhenCORSEnabled(t *te
 	r, err := http.NewRequest(http.MethodOptions, "http://somehost.com", nil)
 	Expect(err).To(BeNil())
 	r.Header.Set("Origin", "http://originhost.com")
-	r.Header.Set("Access-Control-Request-Methods", "PUT,POST")
+	r.Header.Set("Access-Control-Request-Method", "PUT")
 	r.Header.Set("Access-Control-Request-Headers", "X-PINGOTHER,Content-Type")
 
 	unit.Cfg.CORS = *cors.DefaultCORSConfigs()
diff --git a/functional-tests/core/ft_cors_test.go b/functional-tests/core/ft_cors_test.go
@@ -41,7 +41,7 @@ var _ = Describe("When I run Hoverfly", func() {
 			fakeServer.StartTLS()
 			defer fakeServer.Close()
 
-			resp := hoverfly.Proxy(sling.New().Options(fakeServer.URL).Add("Origin", "http://some-host.com").Add("Access-Control-Request-Methods", "POST"))
+			resp := hoverfly.Proxy(sling.New().Options(fakeServer.URL).Add("Origin", "http://some-host.com").Add("Access-Control-Request-Method", "POST"))
 			Expect(resp.StatusCode).To(Equal(200))
 			Expect(resp.Header.Get("Access-Control-Allow-Origin")).To(Equal("http://some-host.com"))
 			Expect(resp.Header.Get("Access-Control-Allow-Methods")).To(Equal("GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS"))

Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ func DefaultCORSConfigs() *Configs {`
`32`	`32`	`// TODO provide config to pass through OPTIONS call`
`33`	`33`	`// Intercept pre-flight request and return 200 response with CORS headers`
`34`	`34`	`func (c Configs) InterceptPreflightRequest(r http.Request) *http.Response {`
`35`		`- if r.Method != http.MethodOptions \|\| r.Header.Get("Origin") == "" \|\| r.Header.Get("Access-Control-Request-Methods") == "" {`
	`35`	`+ if r.Method != http.MethodOptions \|\| r.Header.Get("Origin") == "" \|\| r.Header.Get("Access-Control-Request-Method") == "" {`
`36`	`36`	`return nil`
`37`	`37`	`}`
`38`	`38`	`resp := &http.Response{}`