Example #1
0
  public void testThatOmittingCorsHeaderDoesNotReturnAnything() throws Exception {
    HttpResponse response = httpClient().method("GET").path("/").execute();

    assertThat(response.getStatusCode(), is(200));
    assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
    assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Credentials")));
  }
Example #2
0
 void runUpgrade(String path, String... params) throws Exception {
   assert params.length % 2 == 0;
   HttpRequestBuilder builder = httpClient().method("POST").path(path);
   for (int i = 0; i < params.length; i += 2) {
     builder.addParam(params[i], params[i + 1]);
   }
   HttpResponse rsp = builder.execute();
   assertNotNull(rsp);
   assertEquals(200, rsp.getStatusCode());
 }
Example #3
0
 public void testThatRegularExpressionReturnsForbiddenOnNonMatch() throws Exception {
   HttpResponse response =
       httpClient()
           .method("GET")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .addHeader("Origin", "http://evil-host:9200")
           .execute();
   // a rejected origin gets a FORBIDDEN - 403
   assertThat(response.getStatusCode(), is(403));
   assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
 }
Example #4
0
 public void testThatPreFlightRequestWorksOnMatch() throws Exception {
   String corsValue = "http://localhost:9200";
   HttpResponse response =
       httpClient()
           .method("OPTIONS")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .addHeader("Origin", corsValue)
           .addHeader(HttpHeaders.Names.ACCESS_CONTROL_REQUEST_METHOD, "GET")
           .execute();
   assertResponseWithOriginheader(response, corsValue);
   assertThat(response.getHeaders(), hasKey("Access-Control-Allow-Methods"));
 }
Example #5
0
 public void testThatPreFlightRequestReturnsNullOnNonMatch() throws Exception {
   HttpResponse response =
       httpClient()
           .method("OPTIONS")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .addHeader("Origin", "http://evil-host:9200")
           .addHeader(HttpHeaders.Names.ACCESS_CONTROL_REQUEST_METHOD, "GET")
           .execute();
   // a rejected origin gets a FORBIDDEN - 403
   assertThat(response.getStatusCode(), is(403));
   assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
   assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Methods")));
 }
Example #6
0
  public void testCorsSettingDefaultBehaviourDoesNotReturnAnything() throws Exception {
    String corsValue = "http://localhost:9200";
    HttpResponse response =
        httpClient()
            .method("GET")
            .path("/")
            .addHeader("User-Agent", "Mozilla Bar")
            .addHeader("Origin", corsValue)
            .execute();

    assertThat(response.getStatusCode(), is(200));
    assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
    assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Credentials")));
  }
Example #7
0
  @Test
  public void testThatErrorTraceWorksByDefault() throws Exception {
    // Make the HTTP request
    HttpResponse response =
        new HttpRequestBuilder(HttpClients.createDefault())
            .httpTransport(internalCluster().getDataNodeInstance(HttpServerTransport.class))
            .path("/")
            .addParam("error_trace", "true")
            .method(HttpDeleteWithEntity.METHOD_NAME)
            .execute();

    assertThat(response.getHeaders().get("Content-Type"), containsString("application/json"));
    assertThat(
        response.getBody(), containsString("\"error_trace\":{\"message\":\"Validation Failed"));
  }
Example #8
0
  private void assertPluginAvailable(String pluginName) throws InterruptedException, IOException {
    final HttpRequestBuilder httpRequestBuilder = getHttpRequestBuilder();

    // checking that the http connector is working properly
    // We will try it for some seconds as it could happen that the REST interface is not yet fully
    // started
    assertThat(
        awaitBusy(
            new Predicate<Object>() {
              @Override
              public boolean apply(Object obj) {
                try {
                  HttpResponse response = httpRequestBuilder.method("GET").path("/").execute();
                  if (response.getStatusCode() != RestStatus.OK.getStatus()) {
                    // We want to trace what's going on here before failing the test
                    logger.info(
                        "--> error caught [{}], headers [{}]",
                        response.getStatusCode(),
                        response.getHeaders());
                    logger.info(
                        "--> cluster state [{}]", internalCluster().clusterService().state());
                    return false;
                  }
                  return true;
                } catch (IOException e) {
                  throw new ElasticsearchException("HTTP problem", e);
                }
              }
            },
            5,
            TimeUnit.SECONDS),
        equalTo(true));

    // checking now that the plugin is available
    HttpResponse response =
        getHttpRequestBuilder().method("GET").path("/_plugin/" + pluginName + "/").execute();
    assertThat(response, notNullValue());
    assertThat(
        response.getReasonPhrase(), response.getStatusCode(), equalTo(RestStatus.OK.getStatus()));
  }
Example #9
0
 private boolean isDownloadServiceWorking(String host, int port, String resource) {
   try {
     String protocol = port == 443 ? "https" : "http";
     HttpResponse response =
         new HttpRequestBuilder(HttpClients.createDefault())
             .protocol(protocol)
             .host(host)
             .port(port)
             .path(resource)
             .execute();
     if (response.getStatusCode() != 200) {
       logger.warn(
           "[{}{}] download service is not working. Disabling current test.", host, resource);
       return false;
     }
     return true;
   } catch (Throwable t) {
     logger.warn(
         "[{}{}] download service is not working. Disabling current test.", host, resource);
   }
   return false;
 }
Example #10
0
  public void testThatRegularExpressionWorksOnMatch() throws Exception {
    String corsValue = "http://localhost:9200";
    HttpResponse response =
        httpClient()
            .method("GET")
            .path("/")
            .addHeader("User-Agent", "Mozilla Bar")
            .addHeader("Origin", corsValue)
            .execute();
    assertResponseWithOriginheader(response, corsValue);

    corsValue = "https://localhost:9200";
    response =
        httpClient()
            .method("GET")
            .path("/")
            .addHeader("User-Agent", "Mozilla Bar")
            .addHeader("Origin", corsValue)
            .execute();
    assertResponseWithOriginheader(response, corsValue);
    assertThat(response.getHeaders(), hasKey("Access-Control-Allow-Credentials"));
    assertThat(response.getHeaders().get("Access-Control-Allow-Credentials"), is("true"));
  }
Example #11
0
 public void testThatSendingNoOriginHeaderReturnsNoAccessControlHeader() throws Exception {
   HttpResponse response =
       httpClient().method("GET").path("/").addHeader("User-Agent", "Mozilla Bar").execute();
   assertThat(response.getStatusCode(), is(200));
   assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
 }
Example #12
0
 protected static void assertResponseWithOriginheader(
     HttpResponse response, String expectedCorsHeader) {
   assertThat(response.getStatusCode(), is(200));
   assertThat(response.getHeaders(), hasKey("Access-Control-Allow-Origin"));
   assertThat(response.getHeaders().get("Access-Control-Allow-Origin"), is(expectedCorsHeader));
 }
Example #13
0
 public void testThatRegularExpressionIsNotAppliedWithoutCorrectBrowserOnMatch() throws Exception {
   HttpResponse response = httpClient().method("GET").path("/").execute();
   assertThat(response.getStatusCode(), is(200));
   assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
 }
Example #14
0
 Map<String, Object> validateAndParse(HttpResponse rsp) throws Exception {
   assertNotNull(rsp);
   assertEquals(200, rsp.getStatusCode());
   assertTrue(rsp.hasBody());
   return (Map<String, Object>) new JsonPath(rsp.getBody()).evaluate("");
 }