pdk-cors-lib 1.7.0

PDK CORS Library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

// Copyright (c) 2026, Salesforce, Inc.,
// All rights reserved.
// For full license text, see the LICENSE.txt file

use crate::{model::request::simple_request_content_type::ContentMatcher, HeaderValue};

///
/// Defines the allowed methods for a request to be considered a Simple CORS Request.
/// These methods can be: GET, HEAD, POST.
///
/// Envoy processes the method in the HTTP/2 :method header, ensuring that the extracted value
/// is in lowercase.
const ALLOWED_METHODS: [&str; 3] = ["get", "head", "post"];

#[derive(Default)]
pub struct AllowedMethods {}

impl ContentMatcher for AllowedMethods {
    fn matches(&self, value: &HeaderValue) -> bool {
        ALLOWED_METHODS
            .iter()
            .any(|allowed| allowed.eq_ignore_ascii_case(value))
    }
}

#[cfg(test)]
mod allowed_methods_tests {
    use super::AllowedMethods;
    use crate::model::request::simple_request_content_type::ContentMatcher;

    #[test]
    fn allowed_method_lowercase_matches() {
        let allowed_methods = AllowedMethods::default();

        assert!(allowed_methods.matches("get"));
        assert!(allowed_methods.matches("head"));
        assert!(allowed_methods.matches("post"));
    }

    #[test]
    fn allowed_method_uppercase_matches() {
        let allowed_methods = AllowedMethods::default();

        assert!(allowed_methods.matches("GET"));
        assert!(allowed_methods.matches("HEAD"));
        assert!(allowed_methods.matches("POST"));
    }

    #[test]
    fn allowed_method_mixed_case_matches() {
        let allowed_methods = AllowedMethods::default();

        assert!(allowed_methods.matches("GeT"));
        assert!(allowed_methods.matches("HeAd"));
        assert!(allowed_methods.matches("pOst"));
    }

    #[test]
    fn not_allowed_method_does_not_match() {
        let allowed_methods = AllowedMethods::default();

        assert!(
            !allowed_methods.matches("options"),
            "OPTIONS is not an Allowed Method"
        );
        assert!(
            !allowed_methods.matches("DELETE"),
            "DELETE is not an Allowed Method"
        );
        assert!(
            !allowed_methods.matches("DELETE"),
            "DELETE is not an Allowed Method"
        );
    }
}