Remove Request Headers CORS Preflight Requirement

2019-11-28 08:24:06 -06:00 · 2019-11-28 08:24:06 -06:00 · a87c104172
commit a87c104172
parent b2c59be8de
2 changed files with 21 additions and 4 deletions
--- a/pkg/middlewares/headers/headers_test.go
+++ b/pkg/middlewares/headers/headers_test.go
@ -275,6 +275,25 @@ func TestCORSPreflights(t *testing.T) {
 				"Access-Control-Allow-Headers": {"origin,X-Forwarded-For"},
 			},
 		},
+		{
+			desc: "No Request Headers Preflight",
+			header: NewHeader(emptyHandler, dynamic.Headers{
+				AccessControlAllowMethods: []string{"GET", "OPTIONS", "PUT"},
+				AccessControlAllowOrigin:  "*",
+				AccessControlAllowHeaders: []string{"origin", "X-Forwarded-For"},
+				AccessControlMaxAge:       600,
+			}),
+			requestHeaders: map[string][]string{
+				"Access-Control-Request-Method": {"GET", "OPTIONS"},
+				"Origin":                        {"https://foo.bar.org"},
+			},
+			expected: map[string][]string{
+				"Access-Control-Allow-Origin":  {"*"},
+				"Access-Control-Max-Age":       {"600"},
+				"Access-Control-Allow-Methods": {"GET,OPTIONS,PUT"},
+				"Access-Control-Allow-Headers": {"origin,X-Forwarded-For"},
+			},
+		},
 	}

 	for _, test := range testCases {