fiber Architecture Docs
Home / Function/ Test_CORS_AllowCredentials() — fiber Function Reference

Test_CORS_AllowCredentials() — fiber Function Reference

Architecture documentation for the Test_CORS_AllowCredentials() function in cors_test.go from the fiber codebase.

Function go FiberCore Adapters

Entity Profile

Dependency Diagram

graph TD
  b72ef389_154e_4d41_faf9_a04e7e99264c["Test_CORS_AllowCredentials()"]
  e59a43fd_cfa4_0f6b_1938_4a08e36ad74e["cors_test.go"]
  b72ef389_154e_4d41_faf9_a04e7e99264c -->|defined in| e59a43fd_cfa4_0f6b_1938_4a08e36ad74e
  style b72ef389_154e_4d41_faf9_a04e7e99264c fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

middleware/cors/cors_test.go lines 1009–1098

func Test_CORS_AllowCredentials(t *testing.T) {
	testCases := []struct {
		Name                string
		RequestOrigin       string
		ResponseOrigin      string
		ResponseCredentials string
		Config              Config
	}{
		{
			Name: "AllowOriginsFuncDefined",
			Config: Config{
				AllowCredentials: true,
				AllowOriginsFunc: func(_ string) bool {
					return true
				},
			},
			RequestOrigin: "http://aaa.com",
			// The AllowOriginsFunc config was defined, should use the real origin of the function
			ResponseOrigin:      "http://aaa.com",
			ResponseCredentials: "true",
		},
		{
			Name: "fiber-ghsa-fmg4-x8pw-hjhg-wildcard-credentials",
			Config: Config{
				AllowCredentials: true,
				AllowOriginsFunc: func(_ string) bool {
					return true
				},
			},
			RequestOrigin:  "*",
			ResponseOrigin: "",
			// Middleware will validate that wildcard won't set credentials to true and reject non-serialized origins
			ResponseCredentials: "",
		},
		{
			Name: "AllowOriginsFuncNotDefined",
			Config: Config{
				// Setting this to true will cause the middleware to panic since default AllowOrigins is "*"
				AllowCredentials: false,
			},
			RequestOrigin: "http://aaa.com",
			// None of the AllowOrigins or AllowOriginsFunc config was defined, should use the default origin of "*"
			// which will cause the CORS error in the client:
			// The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*'
			// when the request's credentials mode is 'include'.
			ResponseOrigin:      "*",
			ResponseCredentials: "",
		},
		{
			Name: "AllowOriginsDefined",
			Config: Config{
				AllowCredentials: true,
				AllowOrigins:     []string{"http://aaa.com"},
			},
			RequestOrigin:       "http://aaa.com",
			ResponseOrigin:      "http://aaa.com",
			ResponseCredentials: "true",
		},
		{
			Name: "AllowOriginsDefined/UnallowedOrigin",
			Config: Config{
				AllowCredentials: true,
				AllowOrigins:     []string{"http://aaa.com"},
			},
			RequestOrigin:       "http://bbb.com",
			ResponseOrigin:      "",
			ResponseCredentials: "",
		},
	}

	for _, tc := range testCases {
		t.Run(tc.Name, func(t *testing.T) {
			app := fiber.New()
			app.Use("/", New(tc.Config))

			handler := app.Handler()

			ctx := &fasthttp.RequestCtx{}
			ctx.Request.SetRequestURI("/")
			ctx.Request.Header.SetMethod(fiber.MethodOptions)
			ctx.Request.Header.Set(fiber.HeaderAccessControlRequestMethod, fiber.MethodGet)

Domain

Subdomains

Defined In

Source

Frequently Asked Questions

What does Test_CORS_AllowCredentials() do?
Test_CORS_AllowCredentials() is a function in the fiber codebase, defined in middleware/cors/cors_test.go.
Where is Test_CORS_AllowCredentials() defined?
Test_CORS_AllowCredentials() is defined in middleware/cors/cors_test.go at line 1009.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free