tchekai704
/
src-spring-framework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Remove duplicated elements in CorsConfiguration#combine() 

Issue: SPR-14792
pull/1199/head
Sebastien Deleuze 8 years ago
parent
196c73fa50
commit
9bf8489afd
2 changed files with 27 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java
  2. 23
      spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java

7
spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java
Unescape View File

@ -18,7 +18,9 @@ package org.springframework.web.cors; @@ -18,7 +18,9 @@ package org.springframework.web.cors;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import org.springframework.http.HttpMethod;
import org.springframework.util.CollectionUtils;
@ -123,12 +125,11 @@ public class CorsConfiguration { @@ -123,12 +125,11 @@ public class CorsConfiguration {
if (source == null || source.contains(ALL)) {
return other;
}
List<String> combined = new ArrayList<>(source);
Set<String> combined = new LinkedHashSet<>(source);
combined.addAll(other);
return combined;
return new ArrayList<>(combined);
}
/**
* Set the origins to allow, e.g. {@code "http://domain1.com"}.
* <p>The special value {@code "*"} allows all domains.

23
spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java
Unescape View File

@ -131,6 +131,29 @@ public class CorsConfigurationTests { @@ -131,6 +131,29 @@ public class CorsConfigurationTests {
assertEquals(Arrays.asList(HttpMethod.PUT.name()), combinedConfig.getAllowedMethods());
}
@Test // SPR-14792
public void combineWithDuplicatedElements() {
CorsConfiguration config = new CorsConfiguration();
config.addAllowedOrigin("http://domain1.com");
config.addAllowedOrigin("http://domain2.com");
config.addAllowedHeader("header1");
config.addAllowedHeader("header2");
config.addExposedHeader("header3");
config.addExposedHeader("header4");
config.addAllowedMethod(HttpMethod.GET.name());
config.addAllowedMethod(HttpMethod.PUT.name());
CorsConfiguration other = new CorsConfiguration();
other.addAllowedOrigin("http://domain1.com");
other.addAllowedHeader("header1");
other.addExposedHeader("header3");
other.addAllowedMethod(HttpMethod.GET.name());
CorsConfiguration combinedConfig = config.combine(other);
assertEquals(Arrays.asList("http://domain1.com", "http://domain2.com"), combinedConfig.getAllowedOrigins());
assertEquals(Arrays.asList("header1", "header2"), combinedConfig.getAllowedHeaders());
assertEquals(Arrays.asList("header3", "header4"), combinedConfig.getExposedHeaders());
assertEquals(Arrays.asList(HttpMethod.GET.name(), HttpMethod.PUT.name()), combinedConfig.getAllowedMethods());
}
@Test
public void combine() {
CorsConfiguration config = new CorsConfiguration();

Write Preview
Loading…
Cancel
Save