public void testThatOmittingCorsHeaderDoesNotReturnAnything() throws Exception { HttpResponse response = httpClient().method("GET").path("/").execute(); assertThat(response.getStatusCode(), is(200)); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin"))); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Credentials"))); }
void runUpgrade(String path, String... params) throws Exception { assert params.length % 2 == 0; HttpRequestBuilder builder = httpClient().method("POST").path(path); for (int i = 0; i < params.length; i += 2) { builder.addParam(params[i], params[i + 1]); } HttpResponse rsp = builder.execute(); assertNotNull(rsp); assertEquals(200, rsp.getStatusCode()); }
public void testThatRegularExpressionReturnsForbiddenOnNonMatch() throws Exception { HttpResponse response = httpClient() .method("GET") .path("/") .addHeader("User-Agent", "Mozilla Bar") .addHeader("Origin", "http://evil-host:9200") .execute(); // a rejected origin gets a FORBIDDEN - 403 assertThat(response.getStatusCode(), is(403)); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin"))); }
public void testThatPreFlightRequestWorksOnMatch() throws Exception { String corsValue = "http://localhost:9200"; HttpResponse response = httpClient() .method("OPTIONS") .path("/") .addHeader("User-Agent", "Mozilla Bar") .addHeader("Origin", corsValue) .addHeader(HttpHeaders.Names.ACCESS_CONTROL_REQUEST_METHOD, "GET") .execute(); assertResponseWithOriginheader(response, corsValue); assertThat(response.getHeaders(), hasKey("Access-Control-Allow-Methods")); }
public void testThatPreFlightRequestReturnsNullOnNonMatch() throws Exception { HttpResponse response = httpClient() .method("OPTIONS") .path("/") .addHeader("User-Agent", "Mozilla Bar") .addHeader("Origin", "http://evil-host:9200") .addHeader(HttpHeaders.Names.ACCESS_CONTROL_REQUEST_METHOD, "GET") .execute(); // a rejected origin gets a FORBIDDEN - 403 assertThat(response.getStatusCode(), is(403)); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin"))); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Methods"))); }
public void testCorsSettingDefaultBehaviourDoesNotReturnAnything() throws Exception { String corsValue = "http://localhost:9200"; HttpResponse response = httpClient() .method("GET") .path("/") .addHeader("User-Agent", "Mozilla Bar") .addHeader("Origin", corsValue) .execute(); assertThat(response.getStatusCode(), is(200)); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin"))); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Credentials"))); }
@Test public void testThatErrorTraceWorksByDefault() throws Exception { // Make the HTTP request HttpResponse response = new HttpRequestBuilder(HttpClients.createDefault()) .httpTransport(internalCluster().getDataNodeInstance(HttpServerTransport.class)) .path("/") .addParam("error_trace", "true") .method(HttpDeleteWithEntity.METHOD_NAME) .execute(); assertThat(response.getHeaders().get("Content-Type"), containsString("application/json")); assertThat( response.getBody(), containsString("\"error_trace\":{\"message\":\"Validation Failed")); }
private void assertPluginAvailable(String pluginName) throws InterruptedException, IOException { final HttpRequestBuilder httpRequestBuilder = getHttpRequestBuilder(); // checking that the http connector is working properly // We will try it for some seconds as it could happen that the REST interface is not yet fully // started assertThat( awaitBusy( new Predicate<Object>() { @Override public boolean apply(Object obj) { try { HttpResponse response = httpRequestBuilder.method("GET").path("/").execute(); if (response.getStatusCode() != RestStatus.OK.getStatus()) { // We want to trace what's going on here before failing the test logger.info( "--> error caught [{}], headers [{}]", response.getStatusCode(), response.getHeaders()); logger.info( "--> cluster state [{}]", internalCluster().clusterService().state()); return false; } return true; } catch (IOException e) { throw new ElasticsearchException("HTTP problem", e); } } }, 5, TimeUnit.SECONDS), equalTo(true)); // checking now that the plugin is available HttpResponse response = getHttpRequestBuilder().method("GET").path("/_plugin/" + pluginName + "/").execute(); assertThat(response, notNullValue()); assertThat( response.getReasonPhrase(), response.getStatusCode(), equalTo(RestStatus.OK.getStatus())); }
private boolean isDownloadServiceWorking(String host, int port, String resource) { try { String protocol = port == 443 ? "https" : "http"; HttpResponse response = new HttpRequestBuilder(HttpClients.createDefault()) .protocol(protocol) .host(host) .port(port) .path(resource) .execute(); if (response.getStatusCode() != 200) { logger.warn( "[{}{}] download service is not working. Disabling current test.", host, resource); return false; } return true; } catch (Throwable t) { logger.warn( "[{}{}] download service is not working. Disabling current test.", host, resource); } return false; }
public void testThatRegularExpressionWorksOnMatch() throws Exception { String corsValue = "http://localhost:9200"; HttpResponse response = httpClient() .method("GET") .path("/") .addHeader("User-Agent", "Mozilla Bar") .addHeader("Origin", corsValue) .execute(); assertResponseWithOriginheader(response, corsValue); corsValue = "https://localhost:9200"; response = httpClient() .method("GET") .path("/") .addHeader("User-Agent", "Mozilla Bar") .addHeader("Origin", corsValue) .execute(); assertResponseWithOriginheader(response, corsValue); assertThat(response.getHeaders(), hasKey("Access-Control-Allow-Credentials")); assertThat(response.getHeaders().get("Access-Control-Allow-Credentials"), is("true")); }
public void testThatSendingNoOriginHeaderReturnsNoAccessControlHeader() throws Exception { HttpResponse response = httpClient().method("GET").path("/").addHeader("User-Agent", "Mozilla Bar").execute(); assertThat(response.getStatusCode(), is(200)); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin"))); }
protected static void assertResponseWithOriginheader( HttpResponse response, String expectedCorsHeader) { assertThat(response.getStatusCode(), is(200)); assertThat(response.getHeaders(), hasKey("Access-Control-Allow-Origin")); assertThat(response.getHeaders().get("Access-Control-Allow-Origin"), is(expectedCorsHeader)); }
public void testThatRegularExpressionIsNotAppliedWithoutCorrectBrowserOnMatch() throws Exception { HttpResponse response = httpClient().method("GET").path("/").execute(); assertThat(response.getStatusCode(), is(200)); assertThat(response.getHeaders(), not(hasKey("Access-Control-Allow-Origin"))); }
Map<String, Object> validateAndParse(HttpResponse rsp) throws Exception { assertNotNull(rsp); assertEquals(200, rsp.getStatusCode()); assertTrue(rsp.hasBody()); return (Map<String, Object>) new JsonPath(rsp.getBody()).evaluate(""); }