Merge pull request #981 from acelaya-forks/feature/cors-fix

Feature/cors fix
2025-03-14 04:00:57 +03:00 · 2021-01-24 09:54:14 +01:00 · 2021-01-24 09:54:14 +01:00 · a4de8cee7d
commit a4de8cee7d
parent f57303f8c0 a9d6c463ed
15 changed files with 41 additions and 14 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.

 The format is based on [Keep a Changelog](https://keepachangelog.com), and this project adheres to [Semantic Versioning](https://semver.org).

+## [Unreleased]
+### Added
+* *Nothing*
+
+### Changed
+* *Nothing*
+
+### Deprecated
+* *Nothing*
+
+### Removed
+* *Nothing*
+
+### Fixed
+* [#979](https://github.com/shlinkio/shlink/issues/979) Added missing `itemsPerPage` query param to swagger docs for short RULs list.
+* [#980](https://github.com/shlinkio/shlink/issues/980) Fixed value used for `Access-Control-Allow-Origin`, that could not work as expected when including an IP address.
+
+
 ## [2.5.1] - 2021-01-21
 ### Added
 * *Nothing*
--- a/docs/swagger/paths/v1_short-urls.json
+++ b/docs/swagger/paths/v1_short-urls.json
@ -19,6 +19,15 @@
                    "type": "integer"
                }
            },
+            {
+                "name": "itemsPerPage",
+                "in": "query",
+                "description": "The amount of items to return on every page. Defaults to 10",
+                "required": false,
+                "schema": {
+                    "type": "number"
+                }
+            },
            {
                "name": "searchTerm",
                "in": "query",
--- a/module/Rest/src/Middleware/CrossDomainMiddleware.php
+++ b/module/Rest/src/Middleware/CrossDomainMiddleware.php
@ -32,7 +32,7 @@ class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterfa
        }

        // Add Allow-Origin header
-        $response = $response->withHeader('Access-Control-Allow-Origin', $request->getHeader('Origin'));
+        $response = $response->withHeader('Access-Control-Allow-Origin', '*');
        if ($request->getMethod() !== self::METHOD_OPTIONS) {
            return $response;
        }
--- a/module/Rest/test-api/Action/CreateShortUrlActionTest.php
+++ b/module/Rest/test-api/Action/CreateShortUrlActionTest.php
@ -12,7 +12,7 @@ use function Functional\map;
 use function range;
 use function sprintf;

-class CreateShortUrlActionTest extends ApiTestCase
+class CreateShortUrlTest extends ApiTestCase
 {
    /** @test */
    public function createsNewShortUrlWhenOnlyLongUrlIsProvided(): void
--- a/module/Rest/test-api/Action/DeleteShortUrlActionTest.php
+++ b/module/Rest/test-api/Action/DeleteShortUrlActionTest.php
@ -7,7 +7,7 @@ namespace ShlinkioApiTest\Shlink\Rest\Action;
 use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;
 use ShlinkioApiTest\Shlink\Rest\Utils\NotFoundUrlHelpersTrait;

-class DeleteShortUrlActionTest extends ApiTestCase
+class DeleteShortUrlTest extends ApiTestCase
 {
    use NotFoundUrlHelpersTrait;

--- a/module/Rest/test-api/Action/EditShortUrlTagsActionTest.php
+++ b/module/Rest/test-api/Action/EditShortUrlTagsActionTest.php
@ -8,7 +8,7 @@ use GuzzleHttp\RequestOptions;
 use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;
 use ShlinkioApiTest\Shlink\Rest\Utils\NotFoundUrlHelpersTrait;

-class EditShortUrlTagsActionTest extends ApiTestCase
+class EditShortUrlTagsTest extends ApiTestCase
 {
    use NotFoundUrlHelpersTrait;

--- a/module/Rest/test-api/Action/EditShortUrlActionTest.php
+++ b/module/Rest/test-api/Action/EditShortUrlActionTest.php
@ -14,7 +14,7 @@ use ShlinkioApiTest\Shlink\Rest\Utils\NotFoundUrlHelpersTrait;
 use function GuzzleHttp\Psr7\build_query;
 use function sprintf;

-class EditShortUrlActionTest extends ApiTestCase
+class EditShortUrlTest extends ApiTestCase
 {
    use ArraySubsetAsserts;
    use NotFoundUrlHelpersTrait;
--- a/module/Rest/test-api/Action/GlobalVisitsActionTest.php
+++ b/module/Rest/test-api/Action/GlobalVisitsActionTest.php
@ -6,7 +6,7 @@ namespace ShlinkioApiTest\Shlink\Rest\Action;

 use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;

-class GlobalVisitsActionTest extends ApiTestCase
+class GlobalVisitsTest extends ApiTestCase
 {
    /**
     * @test
--- a/module/Rest/test-api/Action/ListTagsActionTest.php
+++ b/module/Rest/test-api/Action/ListTagsActionTest.php
@ -7,7 +7,7 @@ namespace ShlinkioApiTest\Shlink\Rest\Action;
 use GuzzleHttp\RequestOptions;
 use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;

-class ListTagsActionTest extends ApiTestCase
+class ListTagsTest extends ApiTestCase
 {
    /**
     * @test
--- a/module/Rest/test-api/Action/ResolveShortUrlActionTest.php
+++ b/module/Rest/test-api/Action/ResolveShortUrlActionTest.php
@ -11,7 +11,7 @@ use ShlinkioApiTest\Shlink\Rest\Utils\NotFoundUrlHelpersTrait;

 use function sprintf;

-class ResolveShortUrlActionTest extends ApiTestCase
+class ResolveShortUrlTest extends ApiTestCase
 {
    use NotFoundUrlHelpersTrait;

--- a/module/Rest/test-api/Action/ShortUrlVisitsActionTest.php
+++ b/module/Rest/test-api/Action/ShortUrlVisitsActionTest.php
@ -11,7 +11,7 @@ use ShlinkioApiTest\Shlink\Rest\Utils\NotFoundUrlHelpersTrait;
 use function GuzzleHttp\Psr7\build_query;
 use function sprintf;

-class ShortUrlVisitsActionTest extends ApiTestCase
+class ShortUrlVisitsTest extends ApiTestCase
 {
    use NotFoundUrlHelpersTrait;

--- a/module/Rest/test-api/Action/TagVisitsActionTest.php
+++ b/module/Rest/test-api/Action/TagVisitsActionTest.php
@ -8,7 +8,7 @@ use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;

 use function sprintf;

-class TagVisitsActionTest extends ApiTestCase
+class TagVisitsTest extends ApiTestCase
 {
    /**
     * @test
--- a/module/Rest/test-api/Action/UpdateTagActionTest.php
+++ b/module/Rest/test-api/Action/UpdateTagActionTest.php
@ -7,7 +7,7 @@ namespace ShlinkioApiTest\Shlink\Rest\Action;
 use GuzzleHttp\RequestOptions;
 use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;

-class UpdateTagActionTest extends ApiTestCase
+class UpdateTagTest extends ApiTestCase
 {
    /**
     * @test
--- a/module/Rest/test-api/Middleware/CorsTest.php
+++ b/module/Rest/test-api/Middleware/CorsTest.php
@ -35,7 +35,7 @@ class CorsTest extends ApiTestCase
        ]);

        self::assertEquals($expectedStatusCode, $resp->getStatusCode());
-        self::assertEquals($origin, $resp->getHeaderLine('Access-Control-Allow-Origin'));
+        self::assertEquals('*', $resp->getHeaderLine('Access-Control-Allow-Origin'));
        self::assertFalse($resp->hasHeader('Access-Control-Allow-Methods'));
        self::assertFalse($resp->hasHeader('Access-Control-Max-Age'));
        self::assertFalse($resp->hasHeader('Access-Control-Allow-Headers'));
--- a/module/Rest/test/Middleware/CrossDomainMiddlewareTest.php
+++ b/module/Rest/test/Middleware/CrossDomainMiddlewareTest.php
@ -61,7 +61,7 @@ class CrossDomainMiddlewareTest extends TestCase

        $headers = $response->getHeaders();

-        self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
+        self::assertEquals('*', $response->getHeaderLine('Access-Control-Allow-Origin'));
        self::assertArrayNotHasKey('Access-Control-Allow-Methods', $headers);
        self::assertArrayNotHasKey('Access-Control-Max-Age', $headers);
        self::assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
@ -82,7 +82,7 @@ class CrossDomainMiddlewareTest extends TestCase

        $headers = $response->getHeaders();

-        self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
+        self::assertEquals('*', $response->getHeaderLine('Access-Control-Allow-Origin'));
        self::assertArrayHasKey('Access-Control-Allow-Methods', $headers);
        self::assertEquals('1000', $response->getHeaderLine('Access-Control-Max-Age'));
        self::assertEquals('foo, bar, baz', $response->getHeaderLine('Access-Control-Allow-Headers'));