camunda · yanavasileva · Oct 24, 2023 · Oct 20, 2023 · Oct 23, 2023
diff --git a/...re/src/test/java/org/camunda/bpm/run/test/config/cors/CorsConfigAllowCredentialsTest.java b/...re/src/test/java/org/camunda/bpm/run/test/config/cors/CorsConfigAllowCredentialsTest.java
@@ -47,8 +47,7 @@ public class CorsConfigAllowCredentialsTest extends AbstractRestTest {
   @Test
   public void shouldRespondWithSupportedCredentials() {
     // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
+    String origin = "http://other.origin:8081";
 
     HttpHeaders headers = new HttpHeaders();
     headers.add(HttpHeaders.ORIGIN, origin);

diff --git a/...core/src/test/java/org/camunda/bpm/run/test/config/cors/CorsConfigAllowedHeadersTest.java b/...core/src/test/java/org/camunda/bpm/run/test/config/cors/CorsConfigAllowedHeadersTest.java
@@ -27,7 +27,6 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.TestPropertySource;
@@ -46,8 +45,7 @@ public class CorsConfigAllowedHeadersTest extends AbstractRestTest {
   @Test
   public void shouldContainPreflightWithAllowedHeaders() {
     // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
+    String origin = "http://other.origin";
 
     HttpHeaders headers = new HttpHeaders();
     headers.add(HttpHeaders.ORIGIN, origin);

diff --git a/...camunda/bpm/run/test/config/cors/CorsConfigurationEnabledAllowedOriginConfiguredTest.java b/...camunda/bpm/run/test/config/cors/CorsConfigurationEnabledAllowedOriginConfiguredTest.java
@@ -22,6 +22,7 @@
 
 import org.camunda.bpm.run.property.CamundaBpmRunCorsProperty;
 import org.camunda.bpm.run.test.AbstractRestTest;
+import org.junit.Ignore;
 import org.junit.Test;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
@@ -35,30 +36,13 @@
  * Note: To run this test via an IDE you must set the system property
  * {@code sun.net.http.allowRestrictedHeaders} to {@code true}.
  * (e.g. System.setProperty("sun.net.http.allowRestrictedHeaders", "true");)
- * 
+ *
  * @see https://jira.camunda.com/browse/CAM-11290
  */
 @ActiveProfiles(profiles = { "test-cors-enabled" }, inheritProfiles = true)
 @TestPropertySource(properties = {CamundaBpmRunCorsProperty.PREFIX + ".allowed-origins=http://other.origin:8081"})
 public class CorsConfigurationEnabledAllowedOriginConfiguredTest extends AbstractRestTest {
 
-  @Test
-  public void shouldPassSameOriginRequest() {
-    // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
-
-    HttpHeaders headers = new HttpHeaders();
-    headers.add(HttpHeaders.ORIGIN, origin);
-
-    // when
-    ResponseEntity<List> response = testRestTemplate.exchange(CONTEXT_PATH + "/task", HttpMethod.GET, new HttpEntity<>(headers), List.class);
-
-    // then
-    assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
-    assertThat(response.getHeaders().getAccessControlAllowOrigin()).contains(origin);
-  }
-
   @Test
   public void shouldFailCrossOriginRequestFromNotAllowedOrigin() {
     // given

diff --git a/.../test/java/org/camunda/bpm/run/test/config/cors/CorsConfigurationEnabledWildcardTest.java b/.../test/java/org/camunda/bpm/run/test/config/cors/CorsConfigurationEnabledWildcardTest.java
@@ -33,29 +33,12 @@
  * Note: To run this test via an IDE you must set the system property
  * {@code sun.net.http.allowRestrictedHeaders} to {@code true}.
  * (e.g. System.setProperty("sun.net.http.allowRestrictedHeaders", "true");)
- * 
+ *
  * @see https://jira.camunda.com/browse/CAM-11290
  */
 @ActiveProfiles(profiles = { "test-cors-enabled" }, inheritProfiles = true)
 public class CorsConfigurationEnabledWildcardTest extends AbstractRestTest {
 
-  @Test
-  public void shouldPassSameOriginRequest() {
-    // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
-
-    HttpHeaders headers = new HttpHeaders();
-    headers.add(HttpHeaders.ORIGIN, origin);
-
-    // when
-    ResponseEntity<List> response = testRestTemplate.exchange(CONTEXT_PATH + "/task", HttpMethod.GET, new HttpEntity<>(headers), List.class);
-
-    // then
-    assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
-    assertThat(response.getHeaders().getAccessControlAllowOrigin()).contains("*");
-  }
-
   @Test
   public void shouldPassCrossOriginRequest() {
     // given

diff --git a/...c/test/java/org/camunda/bpm/run/test/config/cors/CorsConfigurationExposedHeadersTest.java b/...c/test/java/org/camunda/bpm/run/test/config/cors/CorsConfigurationExposedHeadersTest.java
@@ -45,8 +45,7 @@ public class CorsConfigurationExposedHeadersTest extends AbstractRestTest {
   @Test
   public void shouldProvideResponseWithExposedHeaders() {
     // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
+    String origin = "http://other.origin";
 
     HttpHeaders headers = new HttpHeaders();
     headers.add(HttpHeaders.ORIGIN, origin);

diff --git a/.../test/java/org/camunda/bpm/run/test/config/cors/CorsConfigurationPreflightMaxAgeTest.java b/.../test/java/org/camunda/bpm/run/test/config/cors/CorsConfigurationPreflightMaxAgeTest.java
@@ -45,8 +45,7 @@ public class CorsConfigurationPreflightMaxAgeTest extends AbstractRestTest {
   @Test
   public void shouldUseACustomPreflightAge() {
     // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
+    String origin = "http://other.origin";
 
     HttpHeaders headers = new HttpHeaders();
     headers.add(HttpHeaders.ORIGIN, origin);

diff --git a/...re/src/test/java/org/camunda/bpm/run/test/config/cors/CorsWithChangedContextPathTest.java b/...re/src/test/java/org/camunda/bpm/run/test/config/cors/CorsWithChangedContextPathTest.java
@@ -47,8 +47,7 @@ public class CorsWithChangedContextPathTest extends AbstractRestTest {
   @Test
   public void shouldCheckCorsAvailabilityOnPathChange() {
     // given
-    // same origin
-    String origin = "http://localhost:" + localPort;
+    String origin = "http://other.origin:8081";
 
     HttpHeaders headers = new HttpHeaders();
     headers.add(HttpHeaders.ORIGIN, origin);

diff --git a/parent/pom.xml b/parent/pom.xml
@@ -21,7 +21,7 @@
     <version.quarkus>3.2.6.Final</version.quarkus>
     <version.spring.framework>5.3.27</version.spring.framework>
     <version.spring.framework6>6.0.9</version.spring.framework6>
-    <version.spring-boot>3.1.4</version.spring-boot>
+    <version.spring-boot>3.1.5</version.spring-boot>
     <version.resteasy>3.15.6.Final</version.resteasy>
     <version.jersey2>2.34</version.jersey2>
     <!-- use minimum version of resteasy and jersey -->
@@ -58,7 +58,7 @@
     <version.wildfly26>26.0.1.Final</version.wildfly26>
     <version.wildfly26.core>18.0.4.Final</version.wildfly26.core>
 
-    <version.tomcat>9.0.80</version.tomcat>
+    <version.tomcat>9.0.82</version.tomcat>
 
     <version.arquillian>1.1.10.Final</version.arquillian>
     <version.shrinkwrap.resolvers>2.2.2</version.shrinkwrap.resolvers>