Skip to content

fix(event_handler): disable allow-credentials header when origin allow_origin is * #4638

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 9 commits into from
Jul 5, 2024
Merged

fix(event_handler): disable allow-credentials header when origin allow_origin is * #4638

Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
d74068f
bug(event_handler): fix cors no origin bug
sthulb Jun 27, 2024
ac9b20e
create functional test
sthulb Jun 27, 2024
6e875e9
fix cors
sthulb Jun 28, 2024
7599b05
fix test structure
sthulb Jun 28, 2024
d71f9ad
add test event
sthulb Jun 28, 2024
90eafc5
Merge branch 'develop' into bug-cors
sthulb Jun 29, 2024
4ee67b2
Merge branch 'develop' into bug-cors
leandrodamascena Jul 4, 2024
cdbd01e
add allowed_origins method to CORSConfig
sthulb Jul 5, 2024
2756d09
Merge branch 'develop' into bug-cors
sthulb Jul 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix test structure
  • Loading branch information
@sthulb
sthulb committed Jun 28, 2024
commit 7599b05732dc86f74e880e56e44ec85888e4d0cc
7 changes: 3 additions & 4 deletions tests/functional/event_handler/required_dependencies/test_api_gateway.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ def read_media(file_name: str) -> bytes:


LOAD_GW_EVENT = load_event("apiGatewayProxyEvent.json")
LOAD_GW_EVENT_NO_ORIGIN = load_event("apiGatewayProxyEventNoOrigin.json")
LOAD_GW_EVENT_TRAILING_SLASH = load_event("apiGatewayProxyEventPathTrailingSlash.json")


Expand Down Expand Up @@ -366,12 +367,10 @@ def with_cors() -> Response:
def handler(event, context):
return app.resolve(event, context)

event = LOAD_GW_EVENT.copy()
del event["headers"]["Origin"]
del event["multiValueHeaders"]["Origin"]
event = LOAD_GW_EVENT_NO_ORIGIN

# WHEN calling the event handler
result = handler(LOAD_GW_EVENT, None)
result = handler(event, None)

# THEN the headers should include cors headers
assert "multiValueHeaders" in result
Expand Down