Changeset View
Changeset View
Standalone View
Standalone View
test/functional/httpbasics.py
Context not available. | |||||
self.num_nodes = 3 | self.num_nodes = 3 | ||||
def setup_network(self): | def setup_network(self): | ||||
self.extra_args =[["-rpccorsdomain=null"], [], []] | |||||
self.setup_nodes() | self.setup_nodes() | ||||
def run_test(self): | def run_test(self): | ||||
Context not available. | |||||
out1 = conn.getresponse() | out1 = conn.getresponse() | ||||
assert_equal(out1.status, http.client.BAD_REQUEST) | assert_equal(out1.status, http.client.BAD_REQUEST) | ||||
# Check Standard CORS request | |||||
origin = "null" | |||||
conn = http.client.HTTPConnection(url.hostname, url.port) | |||||
conn.connect() | |||||
authpair = url.username + ':' + url.password | |||||
headers = {"Authorization": "Basic " + str_to_b64str(authpair), | |||||
"Origin": origin} | |||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) | |||||
out1 = conn.getresponse() | |||||
assert_equal(out1.status, http.client.OK) | |||||
assert_equal(out1.headers["Access-Control-Allow-Origin"], origin) | |||||
assert_equal(out1.headers["Access-Control-Allow-Credentials"], "true") | |||||
assert_equal(out1.headers["Access-Control-Expose-Headers"], | |||||
"WWW-Authenticate") | |||||
assert(b'"error":null' in out1.read()) | |||||
# Check Pre-flight CORS request | |||||
corsheaders = {"Origin": origin, | |||||
"Access-Control-Request-Method": "POST"} | |||||
conn.request('OPTIONS', '/', None, corsheaders) | |||||
out1 = conn.getresponse() | |||||
assert_equal(out1.status, http.client.OK) | |||||
assert_equal(out1.headers["Access-Control-Allow-Origin"], origin) | |||||
assert_equal(out1.headers["Access-Control-Allow-Credentials"], "true") | |||||
assert_equal(out1.headers["Access-Control-Allow-Methods"], "POST") | |||||
assert_equal(out1.headers["Access-Control-Allow-Headers"], | |||||
"authorization,content-type") | |||||
assert_equal(b'', out1.read()) | |||||
# Check Standard CORS request to node without CORS, expected failure | |||||
conn = http.client.HTTPConnection(urlNode2.hostname, urlNode2.port) | |||||
conn.connect() | |||||
authpair = url.username + ':' + url.password | |||||
headers = {"Authorization": "Basic " + str_to_b64str(authpair), | |||||
"Origin": origin} | |||||
conn.request('POST', '/', '{"method": "getbestblockhash"}', headers) | |||||
out1 = conn.getresponse() | |||||
assert_equal(out1.status, http.client.UNAUTHORIZED) | |||||
assert_equal(b'', out1.read()) | |||||
# Check Pre-flight CORS request to node without CORS, expected failure | |||||
corsheaders = {"Origin": origin, | |||||
"Access-Control-Request-Method": "POST"} | |||||
conn.request('OPTIONS', '/', None, corsheaders) | |||||
out1 = conn.getresponse() | |||||
assert_equal(out1.status, http.client.METHOD_NOT_ALLOWED) | |||||
assert_equal(b'JSONRPC server handles only POST requests', out1.read()) | |||||
if __name__ == '__main__': | if __name__ == '__main__': | ||||
HTTPBasicsTest().main() | HTTPBasicsTest().main() | ||||
Context not available. |