]> git.openstreetmap.org Git - rails.git/blobdiff - test/integration/cors_test.rb
Merge pull request #5290 from tomhughes/danger
[rails.git] / test / integration / cors_test.rb
index 05754da7185d4735c9a95796b98377e3befdfeee..c35f73d349d7c90f415d73c6e7935feabafeb8c2 100644 (file)
@@ -8,15 +8,20 @@ class CORSTest < ActionDispatch::IntegrationTest
     }
 
     assert_response :success
-    assert_equal "http://www.example.com", response.headers["Access-Control-Allow-Origin"]
+    assert_equal "*", response.headers["Access-Control-Allow-Origin"]
+    assert_nil response.media_type
+    assert_equal "", response.body
   end
 
   def test_non_api_routes_dont_allow_cross_origin_requests
-    assert_raises ActionController::RoutingError do
-      process :options, "/", :headers => {
-        "HTTP_ORIGIN" => "http://www.example.com",
-        "HTTP_ACCESS_CONTROL_REQUEST_METHOD" => "GET"
-      }
-    end
+    process :options, "/", :headers => {
+      "HTTP_ORIGIN" => "http://www.example.com",
+      "HTTP_ACCESS_CONTROL_REQUEST_METHOD" => "GET"
+    }
+
+    assert_response :success
+    assert_nil response.headers["Access-Control-Allow-Origin"]
+    assert_nil response.media_type
+    assert_equal "", response.body
   end
 end