github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS - refs #1922

Browse source
This commit is contained in:
Simon Willison 2022-11-30 12:25:12 -08:00
commit 6bfd71f5c6
3 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/test_api.py
View file

@ -914,6 +914,7 @@ def test_cors(
assert response.headers["Access-Control-Allow-Origin"] == "*"
assert response.headers["Access-Control-Allow-Headers"] == "Authorization"
assert response.headers["Access-Control-Expose-Headers"] == "Link"
assert response.headers["Access-Control-Allow-Methods"] == "GET, POST, HEAD, OPTIONS"
# Same request to app_client_two_attached_databases_one_immutable
# should not have those headers - I'm using that fixture because
# regular app_client doesn't have immutable fixtures.db which means
@ -923,6 +924,7 @@ def test_cors(
assert "Access-Control-Allow-Origin" not in response.headers
assert "Access-Control-Allow-Headers" not in response.headers
assert "Access-Control-Expose-Headers" not in response.headers
assert "Access-Control-Allow-Methods" not in response.headers
@pytest.mark.parametrize(