/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. * */ package org.apache.vysper.xmpp.extension.xep0124.inttests; import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.util.ArrayList; import java.util.List; import junit.framework.Assert; import org.apache.http.HttpResponse; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpOptions; import org.apache.vysper.xml.fragment.XMLElement; import org.apache.vysper.xmpp.extension.xep0124.BoshEndpoint; import org.apache.vysper.xmpp.extension.xep0124.XMLUtil; import org.junit.Test; public class AllowedOriginIntegrationTest extends IntegrationTestTemplate { protected BoshEndpoint processBoshEndpoint(BoshEndpoint endpoint) { List<String> allowedDomains = new ArrayList<String>(); allowedDomains.add("example.com"); allowedDomains.add("foo.example.com"); endpoint.setAccessControlAllowOrigin(allowedDomains); return endpoint; } private String parseFully(InputStream stream) throws IOException { StringBuffer sb = new StringBuffer(); BufferedReader reader = new BufferedReader(new InputStreamReader(stream)); String line = reader.readLine(); while(line != null) { sb.append(line); line = reader.readLine(); } return sb.toString(); } @Test public void flashCrossdomain() throws Exception { HttpResponse response = httpclient.execute(new HttpGet(getServerUrl() + "crossdomain.xml")); String declaration = "<?xml version='1.0'?><!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>"; // XML parser does not support DOCTYPE declarations, so we hack around that here String xml = parseFully(response.getEntity().getContent()); Assert.assertTrue(xml.startsWith(declaration)); xml = xml.substring(declaration.length()); XMLElement elm = new XMLUtil(xml).parse(); Assert.assertEquals("cross-domain-policy", elm.getName()); Assert.assertEquals(2, elm.getInnerElements().size()); XMLElement firstChild = elm.getInnerElements().get(0); XMLElement secondChild = elm.getInnerElements().get(1); Assert.assertEquals("allow-access-from", firstChild.getName()); Assert.assertEquals("example.com", firstChild.getAttributeValue("domain")); Assert.assertEquals("allow-access-from", secondChild.getName()); Assert.assertEquals("foo.example.com", secondChild.getAttributeValue("domain")); } @Test public void optionsAccessControlAllowOrigin() throws Exception { HttpResponse response = httpclient.execute(new HttpOptions(getServerUrl())); Assert.assertEquals(1, response.getHeaders("Access-Control-Allow-Origin").length); String accessControlAllowOriginHeader = response.getHeaders("Access-Control-Allow-Origin")[0].getValue(); Assert.assertEquals("example.com,foo.example.com", accessControlAllowOriginHeader); } }