Example #1
  /**
   * Issues a bare GET on the root path, with no {@code Origin} header, and checks that the reply is
   * a 200 carrying neither {@code Access-Control-Allow-Origin} nor
   * {@code Access-Control-Allow-Credentials}.
   *
   * <p>The point being pinned: a request that is not a CORS request must not be handed any
   * cross-origin grant.
   */
  public void testThatOmittingCorsHeaderDoesNotReturnAnything() throws Exception {
    final String allowOriginHeader = "Access-Control-Allow-Origin";
    final String allowCredentialsHeader = "Access-Control-Allow-Credentials";

    HttpResponse plainReply = httpClient().method("GET").path("/").execute();

    // The request itself succeeds ...
    assertThat(plainReply.getStatusCode(), is(200));
    // ... but no CORS grant of any kind is attached to it.
    assertThat(plainReply.getHeaders(), not(hasKey(allowOriginHeader)));
    assertThat(plainReply.getHeaders(), not(hasKey(allowCredentialsHeader)));
  }
Example #2
 /**
  * Sends a GET whose {@code Origin} is {@code http://evil-host:9200} and expects the node to
  * refuse it with a 403 and without an {@code Access-Control-Allow-Origin} header.
  *
  * <p>The allowed-origin pattern is configured outside this listing; presumably it is a regular
  * expression that this origin does not match (confirm against the test's node settings).
  */
 public void testThatRegularExpressionReturnsForbiddenOnNonMatch() throws Exception {
   final String rejectedOrigin = "http://evil-host:9200";
   final String allowOriginHeader = "Access-Control-Allow-Origin";

   HttpResponse refusal =
       httpClient()
           .method("GET")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .addHeader("Origin", rejectedOrigin)
           .execute();

   // A non-matching origin is answered with FORBIDDEN (403) ...
   assertThat(refusal.getStatusCode(), is(403));
   // ... and the origin must not be reflected back as an allowed one.
   assertThat(refusal.getHeaders(), not(hasKey(allowOriginHeader)));
 }
Example #3
 /**
  * Sends a CORS preflight ({@code OPTIONS} with {@code Origin} and
  * {@code Access-Control-Request-Method: GET}) from {@code http://localhost:9200} and expects it to
  * be accepted.
  *
  * <p>Acceptance means the shared helper's checks pass (200, and
  * {@code Access-Control-Allow-Origin} equal to the request origin) and that an
  * {@code Access-Control-Allow-Methods} header is present.
  */
 public void testThatPreFlightRequestWorksOnMatch() throws Exception {
   final String acceptedOrigin = "http://localhost:9200";

   HttpResponse preflightReply =
       httpClient()
           .method("OPTIONS")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .addHeader("Origin", acceptedOrigin)
           .addHeader(HttpHeaders.Names.ACCESS_CONTROL_REQUEST_METHOD, "GET")
           .execute();

   assertResponseWithOriginheader(preflightReply, acceptedOrigin);
   // NOTE(review): only the presence of the header is checked, not which methods it lists; an
   // over-broad method list would still pass here.
   assertThat(preflightReply.getHeaders(), hasKey("Access-Control-Allow-Methods"));
 }
Example #4
 /**
  * Sends a CORS preflight ({@code OPTIONS} with {@code Access-Control-Request-Method: GET}) from
  * {@code http://evil-host:9200} and expects it to be refused.
  *
  * <p>Despite the "ReturnsNull" in the method name, what is asserted is a 403 status together with
  * the absence of both {@code Access-Control-Allow-Origin} and
  * {@code Access-Control-Allow-Methods}, so a rejected preflight carries no grant at all.
  */
 public void testThatPreFlightRequestReturnsNullOnNonMatch() throws Exception {
   final String rejectedOrigin = "http://evil-host:9200";

   HttpResponse refusal =
       httpClient()
           .method("OPTIONS")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .addHeader("Origin", rejectedOrigin)
           .addHeader(HttpHeaders.Names.ACCESS_CONTROL_REQUEST_METHOD, "GET")
           .execute();

   // A non-matching origin is answered with FORBIDDEN (403).
   assertThat(refusal.getStatusCode(), is(403));
   // Neither the origin grant nor the method grant may appear on the refusal.
   assertThat(refusal.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
   assertThat(refusal.getHeaders(), not(hasKey("Access-Control-Allow-Methods")));
 }
Example #5
  /**
   * Sends a GET that does carry an {@code Origin} header ({@code http://localhost:9200}) and checks
   * that the reply is a 200 with neither {@code Access-Control-Allow-Origin} nor
   * {@code Access-Control-Allow-Credentials}.
   *
   * <p>Going by the method name, this presumably runs against a node whose CORS settings are left
   * at their defaults; the node configuration is outside this listing, so confirm there.
   */
  public void testCorsSettingDefaultBehaviourDoesNotReturnAnything() throws Exception {
    final String requestOrigin = "http://localhost:9200";
    final String allowOriginHeader = "Access-Control-Allow-Origin";
    final String allowCredentialsHeader = "Access-Control-Allow-Credentials";

    HttpResponse reply =
        httpClient()
            .method("GET")
            .path("/")
            .addHeader("User-Agent", "Mozilla Bar")
            .addHeader("Origin", requestOrigin)
            .execute();

    // The request is served normally, but the origin receives no cross-origin grant.
    assertThat(reply.getStatusCode(), is(200));
    assertThat(reply.getHeaders(), not(hasKey(allowOriginHeader)));
    assertThat(reply.getHeaders(), not(hasKey(allowCredentialsHeader)));
  }
  /**
   * Requests the root path with {@code error_trace=true}, using the method named by
   * {@code HttpDeleteWithEntity.METHOD_NAME}, and checks that the JSON reply embeds an
   * {@code error_trace} object whose message starts with "Validation Failed".
   *
   * <p>The request passes {@code error_trace=true} explicitly; "by default" in the name presumably
   * refers to the node-side setting that permits traces, which is not visible in this listing.
   *
   * <p>NOTE(review): an {@code error_trace} in the body hands server-side failure detail to any
   * client that can reach the HTTP port; confirm that exposure is intended for the deployment.
   */
  @Test
  public void testThatErrorTraceWorksByDefault() throws Exception {
    // Build and fire the request against a data node's HTTP transport.
    HttpResponse failureReply =
        new HttpRequestBuilder(HttpClients.createDefault())
            .httpTransport(internalCluster().getDataNodeInstance(HttpServerTransport.class))
            .path("/")
            .addParam("error_trace", "true")
            .method(HttpDeleteWithEntity.METHOD_NAME)
            .execute();

    String contentType = failureReply.getHeaders().get("Content-Type");
    assertThat(contentType, containsString("application/json"));

    String body = failureReply.getBody();
    assertThat(body, containsString("\"error_trace\":{\"message\":\"Validation Failed"));
  }
Example #7
  /**
   * Checks that both {@code http://localhost:9200} and {@code https://localhost:9200} are accepted
   * as origins: each GET must come back 200 with {@code Access-Control-Allow-Origin} equal to the
   * origin that was sent.
   *
   * <p>The second (https) reply must additionally carry
   * {@code Access-Control-Allow-Credentials: true}; the first reply is not checked for it.
   *
   * <p>Because the origin is echoed together with a credentials grant, the allowed-origin pattern
   * (configured outside this listing) is what decides which sites may read credentialed responses,
   * so this positive case should stay paired with the non-match tests.
   */
  public void testThatRegularExpressionWorksOnMatch() throws Exception {
    final String allowCredentialsHeader = "Access-Control-Allow-Credentials";

    // Plain-http origin.
    String origin = "http://localhost:9200";
    HttpResponse reply =
        httpClient()
            .method("GET")
            .path("/")
            .addHeader("User-Agent", "Mozilla Bar")
            .addHeader("Origin", origin)
            .execute();
    assertResponseWithOriginheader(reply, origin);

    // Same host and port over https.
    origin = "https://localhost:9200";
    reply =
        httpClient()
            .method("GET")
            .path("/")
            .addHeader("User-Agent", "Mozilla Bar")
            .addHeader("Origin", origin)
            .execute();
    assertResponseWithOriginheader(reply, origin);

    assertThat(reply.getHeaders(), hasKey(allowCredentialsHeader));
    String credentialsGrant = reply.getHeaders().get(allowCredentialsHeader);
    assertThat(credentialsGrant, is("true"));
  }
Example #8
 /**
  * Sends a GET that carries a browser-like {@code User-Agent} but no {@code Origin} header, and
  * checks that the reply is a 200 without {@code Access-Control-Allow-Origin}.
  *
  * <p>A request without an origin is not a CORS request, so no origin grant may be attached to it.
  */
 public void testThatSendingNoOriginHeaderReturnsNoAccessControlHeader() throws Exception {
   HttpResponse originlessReply =
       httpClient()
           .method("GET")
           .path("/")
           .addHeader("User-Agent", "Mozilla Bar")
           .execute();

   assertThat(originlessReply.getStatusCode(), is(200));
   assertThat(originlessReply.getHeaders(), not(hasKey("Access-Control-Allow-Origin")));
 }
Example #9
 /**
  * Asserts that a response is an accepted CORS reply for one specific origin.
  *
  * <p>Three things are checked, in order: the status is 200, an
  * {@code Access-Control-Allow-Origin} header exists, and its value is exactly
  * {@code expectedCorsHeader}. The exact-value check is what would catch a wildcard or a different
  * origin being returned in place of the one that was sent.
  *
  * @param response the HTTP response to inspect
  * @param expectedCorsHeader the value {@code Access-Control-Allow-Origin} must have
  */
 protected static void assertResponseWithOriginheader(
     HttpResponse response, String expectedCorsHeader) {
   final String allowOriginHeader = "Access-Control-Allow-Origin";

   assertThat(response.getStatusCode(), is(200));
   assertThat(response.getHeaders(), hasKey(allowOriginHeader));

   String grantedOrigin = response.getHeaders().get(allowOriginHeader);
   assertThat(grantedOrigin, is(expectedCorsHeader));
 }
Example #10
 /**
  * Issues a bare GET on the root path, with no headers added, and checks that the reply is a 200
  * without {@code Access-Control-Allow-Origin}.
  *
  * <p>NOTE(review): the name refers to a missing "correct browser", but the request omits the
  * {@code Origin} header as well as {@code User-Agent}, so the test does not isolate the
  * user-agent condition; an origin-bearing request without {@code User-Agent} would be needed
  * for that.
  */
 public void testThatRegularExpressionIsNotAppliedWithoutCorrectBrowserOnMatch() throws Exception {
   final String allowOriginHeader = "Access-Control-Allow-Origin";

   HttpResponse headerlessReply = httpClient().method("GET").path("/").execute();

   assertThat(headerlessReply.getStatusCode(), is(200));
   assertThat(headerlessReply.getHeaders(), not(hasKey(allowOriginHeader)));
 }