http-cors.txtar

 1# vi: set ft=conf
 2
 3# FIXME: don't skip windows
 4[windows] skip 'curl makes github actions hang'
 5
 6# convert crlf to lf on windows
 7[windows] dos2unix http1.txt http2.txt http3.txt goget.txt gitclone.txt
 8
 9# start soft serve
10exec soft serve &
11# wait for SSH server to start
12ensureserverrunning SSH_PORT
13
14# create user
15soft user create user1 --key "$USER1_AUTHORIZED_KEY"
16
17# create access token
18soft token create --expires-in '1h' 'repo2'
19cp stdout tokenfile
20envfile TOKEN=tokenfile
21soft token create --expires-in '1ns' 'repo2'
22cp stdout etokenfile
23envfile ETOKEN=etokenfile
24usoft token create 'repo2'
25cp stdout utokenfile
26envfile UTOKEN=utokenfile
27
28# push & create repo with some files, commits, tags...
29mkdir ./repo2
30git -c init.defaultBranch=master -C repo2 init
31mkfile ./repo2/README.md '# Project\nfoo'
32mkfile ./repo2/foo.png 'foo'
33mkfile ./repo2/bar.png 'bar'
34git -C repo2 remote add origin http://$TOKEN@localhost:$HTTP_PORT/repo2
35git -C repo2 lfs install --local
36git -C repo2 lfs track '*.png'
37git -C repo2 add -A
38git -C repo2 commit -m 'first'
39git -C repo2 tag v0.1.0
40git -C repo2 push origin HEAD
41git -C repo2 push origin HEAD --tags
42
43-- test 1 --
44# default public url is always allowed
45curl -v --request OPTIONS http://localhost:$HTTP_PORT/repo2/git-upload-pack -H 'Origin: http://localhost:23232' -H 'Access-Control-Request-Method: POST'
46stderr '.*200 OK.*'
47
48# stop the server
49stopserver
50
51-- test 2 --
52# by default the server does not allow example.com, so the response does not have the "Access-Control-Allow-Origin" header and cors will fail.
53
54# restart soft serve
55exec soft serve &
56# wait for SSH server to start
57ensureserverrunning SSH_PORT
58
59curl -v --request OPTIONS http://localhost:$HTTP_PORT/repo2/git-upload-pack -H 'Origin: https://example.com' -H 'Access-Control-Request-Method: POST'
60! stderr '.*Access-Control-Allow-Origin.*'
61
62# stop the server
63stopserver
64
65-- test 3 --
66# allow cross-origin OPTIONS requests for example.com
67env SOFT_SERVE_HTTP_CORS_ALLOWED_ORIGINS="https://example.com"
68env SOFT_SERVE_HTTP_CORS_ALLOWED_METHODS="GET,OPTIONS"
69env SOFT_SERVE_HTTP_CORS_ALLOWED_HEADERS="Origin,Access-Control-Request-Method"
70
71# restart soft serve
72exec soft serve &
73# wait for SSH server to start
74ensureserverrunning SSH_PORT
75
76curl -v --request OPTIONS http://localhost:$HTTP_PORT/repo2.git/info/refs -H 'Origin: https://example.com' -H 'Access-Control-Request-Method: GET'
77stderr '.*200 OK.*'
78
79# stop the server
80[windows] stopserver
81[windows] ! stderr .