188 references to CorsConstants
Microsoft.AspNetCore.Cors (14)
Infrastructure\CorsMiddleware.cs (2)
107
if (!context.Request.Headers.ContainsKey(
CorsConstants
.Origin))
120
var isCorsPreflightRequest = isOptionsRequest && context.Request.Headers.ContainsKey(
CorsConstants
.AccessControlRequestMethod);
Infrastructure\CorsPolicy.cs (3)
33
if (Headers == null || Headers.Count != 1 || Headers[0] !=
CorsConstants
.AnyHeader)
49
if (Methods == null || Methods.Count != 1 || Methods[0] !=
CorsConstants
.AnyMethod)
65
if (Origins == null || Origins.Count != 1 || Origins[0] !=
CorsConstants
.AnyOrigin)
Infrastructure\CorsPolicyBuilder.cs (3)
163
_policy.Origins.Add(
CorsConstants
.AnyOrigin);
174
_policy.Methods.Add(
CorsConstants
.AnyMethod);
185
_policy.Headers.Add(
CorsConstants
.AnyHeader);
Infrastructure\CorsService.cs (6)
72
var isPreflightRequest = isOptionsRequest && requestHeaders.ContainsKey(
CorsConstants
.AccessControlRequestMethod);
102
result.AllowedOrigin =
CorsConstants
.AnyOrigin;
124
headers.GetCommaSeparatedValues(
CorsConstants
.AccessControlRequestHeaders) :
180
headers.SetCommaSeparatedValues(
CorsConstants
.AccessControlAllowHeaders, result.AllowedHeaders.ToArray());
185
headers.SetCommaSeparatedValues(
CorsConstants
.AccessControlAllowMethods, result.AllowedMethods.ToArray());
199
headers.SetCommaSeparatedValues(
CorsConstants
.AccessControlExposeHeaders, result.AllowedExposedHeaders.ToArray());
Microsoft.AspNetCore.Cors.Test (90)
CorsMiddlewareTests.cs (56)
52
.AddHeader(
CorsConstants
.Origin, OriginUrl)
59
Assert.Equal(OriginUrl, response.Headers.GetValues(
CorsConstants
.AccessControlAllowOrigin).FirstOrDefault());
94
.AddHeader(
CorsConstants
.Origin, OriginUrl)
101
Assert.Equal(OriginUrl, response.Headers.GetValues(
CorsConstants
.AccessControlAllowOrigin).FirstOrDefault());
102
Assert.Equal("AllowedHeader", response.Headers.GetValues(
CorsConstants
.AccessControlExposeHeaders).FirstOrDefault());
145
.AddHeader(
CorsConstants
.Origin, OriginUrl)
151
Assert.Equal(OriginUrl, response.Headers.GetValues(
CorsConstants
.AccessControlAllowOrigin).FirstOrDefault());
194
.AddHeader(
CorsConstants
.Origin, OriginUrl)
195
.AddHeader(
CorsConstants
.AccessControlRequestMethod, "PUT")
196
.SendAsync(
CorsConstants
.PreflightHttpMethod);
204
Assert.Equal(
CorsConstants
.AccessControlAllowHeaders, kvp.Key);
209
Assert.Equal(
CorsConstants
.AccessControlAllowMethods, kvp.Key);
214
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, kvp.Key);
259
.AddHeader(
CorsConstants
.Origin, OriginUrl)
260
.AddHeader(
CorsConstants
.AccessControlRequestMethod, "PUT")
261
.AddHeader(
CorsConstants
.AccessControlRequestHeaders, "X-Test1,X-Test2")
262
.SendAsync(
CorsConstants
.PreflightHttpMethod);
270
Assert.Equal(
CorsConstants
.AccessControlAllowCredentials, kvp.Key);
275
Assert.Equal(
CorsConstants
.AccessControlAllowHeaders, kvp.Key);
280
Assert.Equal(
CorsConstants
.AccessControlAllowMethods, kvp.Key);
285
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, kvp.Key);
322
.AddHeader(
CorsConstants
.Origin, "http://test.example.com")
323
.AddHeader(
CorsConstants
.AccessControlRequestMethod, "PUT")
324
.SendAsync(
CorsConstants
.PreflightHttpMethod);
365
.AddHeader(
CorsConstants
.Origin, "http://test.example.com")
392
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
421
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
481
.AddHeader(
CorsConstants
.Origin, OriginUrl)
482
.AddHeader(
CorsConstants
.AccessControlRequestMethod, "PUT")
483
.SendAsync(
CorsConstants
.PreflightHttpMethod);
491
Assert.Equal(
CorsConstants
.AccessControlAllowHeaders, kvp.Key);
496
Assert.Equal(
CorsConstants
.AccessControlAllowMethods, kvp.Key);
501
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, kvp.Key);
539
.AddHeader(
CorsConstants
.Origin, OriginUrl)
548
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, kvp.Key);
553
Assert.Equal(
CorsConstants
.AccessControlExposeHeaders, kvp.Key);
615
.AddHeader(
CorsConstants
.Origin, OriginUrl)
626
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, kvp.Key);
631
Assert.Equal(
CorsConstants
.AccessControlExposeHeaders, kvp.Key);
659
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { OriginUrl });
660
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, new[] { "PUT" });
671
Assert.Equal(
CorsConstants
.AccessControlAllowHeaders, kvp.Key);
676
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, kvp.Key);
700
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
730
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
758
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
759
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, new[] { "GET" });
790
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
791
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, new[] { "GET" });
822
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
857
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
894
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
927
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
957
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
984
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
1032
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { "http://example.com" });
CorsServiceTests.cs (34)
109
policy.Origins.Add(
CorsConstants
.AnyOrigin);
125
policy.Origins.Add(
CorsConstants
.AnyOrigin);
144
policy.Origins.Add(
CorsConstants
.AnyOrigin);
179
policy.Origins.Add(
CorsConstants
.AnyOrigin);
248
policy.Origins.Add(
CorsConstants
.AnyOrigin);
264
policy.Origins.Add(
CorsConstants
.AnyOrigin);
281
policy.Origins.Add(
CorsConstants
.AnyOrigin);
300
policy.Origins.Add(
CorsConstants
.AnyOrigin);
317
policy.Origins.Add(
CorsConstants
.AnyOrigin);
340
policy.Origins.Add(
CorsConstants
.AnyOrigin);
342
policy.Methods.Add(
CorsConstants
.AnyMethod);
364
policy.Methods.Add(
CorsConstants
.AnyMethod);
384
policy.Methods.Add(
CorsConstants
.AnyMethod);
403
policy.Origins.Add(
CorsConstants
.AnyOrigin);
404
policy.Methods.Add(
CorsConstants
.AnyMethod);
423
policy.Origins.Add(
CorsConstants
.AnyOrigin);
424
policy.Methods.Add(
CorsConstants
.AnyMethod);
440
policy.Origins.Add(
CorsConstants
.AnyOrigin);
441
policy.Methods.Add(
CorsConstants
.AnyMethod);
462
policy.Origins.Add(
CorsConstants
.AnyOrigin);
480
policy.Origins.Add(
CorsConstants
.AnyOrigin);
481
policy.Methods.Add(
CorsConstants
.AnyMethod);
482
policy.Headers.Add(
CorsConstants
.AnyHeader);
503
policy.Origins.Add(
CorsConstants
.AnyOrigin);
504
policy.Methods.Add(
CorsConstants
.AnyMethod);
505
policy.Headers.Add(
CorsConstants
.AnyHeader);
526
policy.Origins.Add(
CorsConstants
.AnyOrigin);
527
policy.Methods.Add(
CorsConstants
.AnyMethod);
547
policy.Methods.Add(
CorsConstants
.AnyMethod);
548
policy.Headers.Add(
CorsConstants
.AnyHeader);
838
Assert.Equal("foo,bar", httpContext.Response.Headers[
CorsConstants
.AccessControlExposeHeaders]);
958
context.Request.Headers.Add(
CorsConstants
.Origin, new[] { origin });
963
context.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, new[] { accessControlRequestMethod });
968
context.Request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, accessControlRequestHeaders);
Microsoft.AspNetCore.Mvc.Cors (4)
CorsAuthorizationFilter.cs (2)
76
if (request.Headers.ContainsKey(
CorsConstants
.Origin))
90
httpContext.Request.Headers[
CorsConstants
.AccessControlRequestMethod];
DisableCorsAuthorizationFilter.cs (2)
27
context.HttpContext.Request.Headers[
CorsConstants
.AccessControlRequestMethod];
30
CorsConstants
.PreflightHttpMethod,
Microsoft.AspNetCore.Mvc.Cors.Test (24)
CorsAuthorizationFilterTest.cs (19)
42
Assert.Equal("http://example.com", response.Headers[
CorsConstants
.AccessControlAllowOrigin]);
43
Assert.Equal("header1,header2", response.Headers[
CorsConstants
.AccessControlAllowHeaders]);
46
Assert.Equal("PUT", response.Headers[
CorsConstants
.AccessControlAllowMethods]);
47
Assert.Equal("exposed1,exposed2", response.Headers[
CorsConstants
.AccessControlExposeHeaders]);
48
Assert.Equal("123", response.Headers[
CorsConstants
.AccessControlMaxAge]);
49
Assert.Equal("true", response.Headers[
CorsConstants
.AccessControlAllowCredentials]);
92
Assert.Equal("http://example.com", response.Headers[
CorsConstants
.AccessControlAllowOrigin]);
93
Assert.Equal("exposed1,exposed2", response.Headers[
CorsConstants
.AccessControlExposeHeaders]);
138
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, headers.Headers.Split(','));
139
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, new[] { headers.Method });
140
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlExposeHeaders, headers.ExposedHeaders.Split(','));
141
httpContext.Request.Headers.Add(
CorsConstants
.Origin, new[] { headers.Origin });
148
var method = isPreflight ?
CorsConstants
.PreflightHttpMethod : "GET";
196
headers[
CorsConstants
.AccessControlMaxAge] =
198
headers[
CorsConstants
.AccessControlAllowOrigin] = result1.AllowedOrigin;
201
headers.Add(
CorsConstants
.AccessControlAllowCredentials, new[] { "true" });
204
headers.Add(
CorsConstants
.AccessControlAllowHeaders, result1.AllowedHeaders.ToArray());
205
headers.Add(
CorsConstants
.AccessControlAllowMethods, result1.AllowedMethods.ToArray());
206
headers.Add(
CorsConstants
.AccessControlExposeHeaders, result1.AllowedExposedHeaders.ToArray());
DisableCorsAuthorizationFilterTest.cs (5)
21
httpContext.Request.Headers.Add(
CorsConstants
.Origin, "http://localhost:5000/");
22
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "PUT");
41
httpContext.Request.Headers.Add(
CorsConstants
.Origin, "http://localhost:5000/");
62
httpContext.Request.Headers.Add(
CorsConstants
.Origin, "http://localhost:5000/");
63
httpContext.Request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "PUT");
Microsoft.AspNetCore.Mvc.FunctionalTests (56)
CorsTests.cs (2)
17
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
18
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "POST");
CorsTestsBase.cs (54)
45
request.Headers.Add(
CorsConstants
.Origin, origin);
56
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, header.Key);
81
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
82
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "POST");
99
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
100
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "POST");
118
new HttpMethod(
CorsConstants
.PreflightHttpMethod),
122
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
123
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, method);
124
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "Custom");
136
Assert.Equal(
CorsConstants
.AccessControlAllowMethods, h.Key);
141
Assert.Equal(
CorsConstants
.AccessControlAllowOrigin, h.Key);
159
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
160
request.Headers.Add(
CorsConstants
.AccessControlExposeHeaders, "exposed1,exposed2");
170
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowOrigin).ToArray());
173
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowCredentials).ToArray());
176
responseHeaders.GetValues(
CorsConstants
.AccessControlExposeHeaders).ToArray());
187
new HttpMethod(
CorsConstants
.PreflightHttpMethod),
191
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
192
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "PUT");
193
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "header1,header2");
203
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowOrigin).ToArray());
206
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowCredentials).ToArray());
209
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowHeaders).ToArray());
212
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowMethods).ToArray());
225
request.Headers.Add(
CorsConstants
.Origin, "http://example2.com");
250
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
272
new HttpMethod(
CorsConstants
.PreflightHttpMethod),
276
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
277
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, method);
278
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "Custom");
298
var request = new HttpRequestMessage(new HttpMethod(
CorsConstants
.PreflightHttpMethod), url);
301
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
302
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "GET");
303
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "Custom");
313
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowOrigin).ToArray());
316
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowHeaders).ToArray());
319
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowMethods).ToArray());
330
var request = new HttpRequestMessage(new HttpMethod(
CorsConstants
.PreflightHttpMethod), url);
333
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
334
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "GET");
335
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "Custom");
345
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowOrigin).ToArray());
348
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowCredentials).ToArray());
351
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowHeaders).ToArray());
354
responseHeaders.GetValues(
CorsConstants
.AccessControlAllowMethods).ToArray());
368
new HttpMethod(
CorsConstants
.PreflightHttpMethod),
372
request.Headers.Add(
CorsConstants
.Origin, "http://example.com");
373
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "GET");
374
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "Custom");
393
new HttpMethod(
CorsConstants
.PreflightHttpMethod),
395
request.Headers.Add(
CorsConstants
.Origin, "http://notexpecteddomain.com");
396
request.Headers.Add(
CorsConstants
.AccessControlRequestMethod, "GET");
397
request.Headers.Add(
CorsConstants
.AccessControlRequestHeaders, "Custom");