35 lines
774 B
PHP
35 lines
774 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tests\Feature;
|
|
|
|
use PHPUnit\Framework\Attributes\Test;
|
|
use Tests\TestCase;
|
|
use Tests\TestToken;
|
|
|
|
class CorsHeadersTest extends TestCase
|
|
{
|
|
use TestToken;
|
|
|
|
#[Test]
|
|
public function checkCorsHeadersOnMediaEndpoint(): void
|
|
{
|
|
$response = $this->call(
|
|
'OPTIONS',
|
|
'/api/media',
|
|
[],
|
|
[],
|
|
[],
|
|
['HTTP_Authorization' => 'Bearer ' . $this->getToken()]
|
|
);
|
|
$response->assertHeader('Access-Control-Allow-Origin', '*');
|
|
}
|
|
|
|
#[Test]
|
|
public function checkForNoCorsHeaderOnNonMediaEndpointLinks(): void
|
|
{
|
|
$response = $this->get('/blog');
|
|
$response->assertHeaderMissing('Access-Control-Allow-Origin');
|
|
}
|
|
}
|