Skip to content

Commit

Permalink
Add debug logging
Browse files Browse the repository at this point in the history
  • Loading branch information
reweeden committed Mar 21, 2024
1 parent a13546a commit e924b5e
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 5 deletions.
10 changes: 6 additions & 4 deletions tests_e2e/test_cors.py
Original file line number Diff line number Diff line change
Expand Up @@ -51,8 +51,9 @@ def test_cors_preflight_options(urls, auth_cookies):
headers = dict(r.headers)

assert r.status_code == 204
assert headers.get("Access-Control-Allow-Origin") == origin_host
assert "GET" in headers.get("Access-Control-Allow-Methods")
assert headers["Access-Control-Allow-Origin"] == origin_host
assert set(headers["Access-Control-Allow-Methods"].split(", ")) >= {"GET", "HEAD", "OPTIONS"}
assert set(headers["Access-Control-Allow-Headers"].split(", ")) >= {"Authorization", "Origin"}


def test_cors_preflight_options_origin_null(urls, auth_cookies):
Expand All @@ -71,5 +72,6 @@ def test_cors_preflight_options_origin_null(urls, auth_cookies):
headers = dict(r.headers)

assert r.status_code == 204
assert headers.get("Access-Control-Allow-Origin") == "null"
assert "GET" in headers.get("Access-Control-Allow-Methods")
assert headers["Access-Control-Allow-Origin"] == "null"
assert set(headers["Access-Control-Allow-Methods"].split(", ")) >= {"GET", "HEAD", "OPTIONS"}
assert set(headers["Access-Control-Allow-Headers"].split(", ")) >= {"Authorization", "Origin"}
15 changes: 14 additions & 1 deletion thin_egress_app/app.py
Original file line number Diff line number Diff line change
Expand Up @@ -478,6 +478,7 @@ def is_cors_allowed():
origin_header = app.current_request.headers.get("origin")
cors_origin = os.getenv("CORS_ORIGIN")

log.debug("origin_header: %r, cors_origin: %r", origin_header, cors_origin)
return bool(
origin_header
and cors_origin
Expand Down Expand Up @@ -966,21 +967,33 @@ def dynamic_url_options():
"HEAD",
"OPTIONS",
]
allowed_headers = [

Check warning on line 970 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L970

Added line #L970 was not covered by tests
"Authorization",
"Origin",
"X-Requested-With",
]
request_method = app.current_request.headers.get(

Check warning on line 975 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L975

Added line #L975 was not covered by tests
"Access-Control-Request-Method",
"",
).strip()
log.info("Received CORS preflight request for method: %r", request_method)

Check warning on line 979 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L979

Added line #L979 was not covered by tests

log.debug("is_cors_allowed: %s", is_cors_allowed())
log.debug("request_method in allowed_methods: %s", request_method in allowed_methods)

Check warning on line 982 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L981-L982

Added lines #L981 - L982 were not covered by tests
if is_cors_allowed() and request_method in allowed_methods:
headers = {

Check warning on line 984 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L984

Added line #L984 was not covered by tests
"Access-Control-Allow-Methods": ", ".join(allowed_methods)
"Access-Control-Allow-Methods": ", ".join(allowed_methods),
"Access-Control-Allow-Headers": ", ".join(allowed_headers),
}
add_cors_headers(headers)
log.info("Returning success response")
return Response(

Check warning on line 990 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L988-L990

Added lines #L988 - L990 were not covered by tests
body="",
headers=headers,
status_code=204,
)

log.info("Returning error response")
return Response(

Check warning on line 997 in thin_egress_app/app.py

View check run for this annotation

Codecov / codecov/patch

thin_egress_app/app.py#L996-L997

Added lines #L996 - L997 were not covered by tests
body="Method Not Allowed",
status_code=405,
Expand Down

0 comments on commit e924b5e

Please sign in to comment.