def test_OPTIONS_CORS_headers_valid_origin(self):
# before sending a POST, the browser will send an OPTION request as a preflight to see the CORS headers.
# the backend will only return the required CORS headers, if the Origin is set to a allowed domain.
post_payload = create_post_payload()
valid_origin = 'http://testdomain.com'
preflight_response = requests.options(url=COMMENT_SIDECAR_URL, json=post_payload, headers={'Origin': valid_origin})
assert_cors_headers_exists(preflight_response, valid_origin)
assert_that(preflight_response.text).is_empty()
assert_that(get_comments().json())\
.described_as("No comment should have been created after an OPTIONS request")\
.is_empty()
评论列表
文章目录
