-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(middleware/cors): CORS handling #2938
Conversation
WalkthroughThe update focuses on refining the CORS middleware and its test cases by adjusting the logic for handling CORS requests in Changes
Assessment against linked issues
Related issues
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2938 +/- ##
==========================================
+ Coverage 82.74% 82.84% +0.09%
==========================================
Files 116 116
Lines 8415 8417 +2
==========================================
+ Hits 6963 6973 +10
+ Misses 1111 1106 -5
+ Partials 341 338 -3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 1
Configuration used: CodeRabbit UI
Files selected for processing (2)
- middleware/cors/cors.go (1 hunks)
- middleware/cors/cors_test.go (13 hunks)
Additional comments: 1
middleware/cors/cors_test.go (1)
- 475-480: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [465-495]
The test cases have been adjusted to reflect the changes made to the CORS middleware, specifically the handling of requests without the Origin header and the processing of preflight requests with the Access-Control-Request-Method header. These adjustments are important for ensuring that the middleware behaves as expected in these scenarios.
However, it's crucial to ensure that the test coverage is comprehensive and includes scenarios that might not be immediately obvious, such as requests with malformed Origin headers or preflight requests with unusual combinations of headers.
Consider adding more test cases to cover edge cases and potential error conditions related to the changes in CORS request handling. This could include tests for malformed Origin headers, preflight requests with missing or unexpected headers, and scenarios where the request method is changed after the preflight check.
@coderabbitai review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: CodeRabbit UI
Files selected for processing (2)
- middleware/cors/cors.go (3 hunks)
- middleware/cors/cors_test.go (15 hunks)
Files skipped from review as they are similar to previous changes (2)
- middleware/cors/cors.go
- middleware/cors/cors_test.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lgtm
Merge changes from v2 PR #2937
This pull request addresses issue #2936, fixing a bug introduced in the Fiber v2.52.3 release. The bug caused incorrect checking of non-preflight requests using preflight conditions.
Fiber CORS middleware validation sample: https://github.com/sixcolors/fiber-cors-middleware-validation-sample
Fixes #2936
Summary by CodeRabbit
cors.go
middleware.fiber.HeaderAccessControlRequestMethod
incors_test.go
.cors_test.go
.