fiber Architecture Docs
Home / Function/ Test_CORS_Subdomain() — fiber Function Reference

Test_CORS_Subdomain() — fiber Function Reference

Architecture documentation for the Test_CORS_Subdomain() function in cors_test.go from the fiber codebase.

Function go FiberCore Adapters

Entity Profile

Dependency Diagram

graph TD
  a542fe8a_bc37_0bef_4e52_8995cb0afd56["Test_CORS_Subdomain()"]
  e59a43fd_cfa4_0f6b_1938_4a08e36ad74e["cors_test.go"]
  a542fe8a_bc37_0bef_4e52_8995cb0afd56 -->|defined in| e59a43fd_cfa4_0f6b_1938_4a08e36ad74e
  style a542fe8a_bc37_0bef_4e52_8995cb0afd56 fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

middleware/cors/cors_test.go lines 342–405

func Test_CORS_Subdomain(t *testing.T) {
	t.Parallel()
	// New fiber instance
	app := fiber.New()
	// OPTIONS (preflight) response headers when AllowOrigins is set to a subdomain
	app.Use("/", New(Config{
		AllowOrigins: []string{"  http://*.example.com  "},
	}))

	// Get handler pointer
	handler := app.Handler()

	// Make request with disallowed origin
	ctx := &fasthttp.RequestCtx{}
	ctx.Request.SetRequestURI("/")
	ctx.Request.Header.SetMethod(fiber.MethodOptions)
	ctx.Request.Header.Set(fiber.HeaderAccessControlRequestMethod, fiber.MethodGet)
	ctx.Request.Header.Set(fiber.HeaderOrigin, "http://google.com")

	// Perform request
	handler(ctx)

	// Allow-Origin header should be "" because http://google.com does not satisfy http://*.example.com
	require.Empty(t, string(ctx.Response.Header.Peek(fiber.HeaderAccessControlAllowOrigin)))

	ctx.Request.Reset()
	ctx.Response.Reset()

	// Make request with domain only (disallowed)
	ctx.Request.SetRequestURI("/")
	ctx.Request.Header.SetMethod(fiber.MethodOptions)
	ctx.Request.Header.Set(fiber.HeaderAccessControlRequestMethod, fiber.MethodGet)
	ctx.Request.Header.Set(fiber.HeaderOrigin, "http://example.com")

	handler(ctx)

	require.Empty(t, string(ctx.Response.Header.Peek(fiber.HeaderAccessControlAllowOrigin)))

	ctx.Request.Reset()
	ctx.Response.Reset()

	// Make request with malformed subdomain (disallowed)
	ctx.Request.SetRequestURI("/")
	ctx.Request.Header.SetMethod(fiber.MethodOptions)
	ctx.Request.Header.Set(fiber.HeaderAccessControlRequestMethod, fiber.MethodGet)
	ctx.Request.Header.Set(fiber.HeaderOrigin, "http://evil.comexample.com")

	handler(ctx)

	require.Empty(t, string(ctx.Response.Header.Peek(fiber.HeaderAccessControlAllowOrigin)))

	ctx.Request.Reset()
	ctx.Response.Reset()

	// Make request with allowed origin
	ctx.Request.SetRequestURI("/")
	ctx.Request.Header.SetMethod(fiber.MethodOptions)
	ctx.Request.Header.Set(fiber.HeaderAccessControlRequestMethod, fiber.MethodGet)
	ctx.Request.Header.Set(fiber.HeaderOrigin, "http://test.example.com")

	handler(ctx)

	require.Equal(t, "http://test.example.com", string(ctx.Response.Header.Peek(fiber.HeaderAccessControlAllowOrigin)))
}

Domain

Subdomains

Defined In

Source

Frequently Asked Questions

What does Test_CORS_Subdomain() do?
Test_CORS_Subdomain() is a function in the fiber codebase, defined in middleware/cors/cors_test.go.
Where is Test_CORS_Subdomain() defined?
Test_CORS_Subdomain() is defined in middleware/cors/cors_test.go at line 342.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free