Origins as raw strings regression #183

Closed
di opened this issue Aug 31, 2016 · 0 comments
di commented Aug 31, 2016

Hi, I am seeing a regression in 3.0.0 that I don't see mentioned in the changelog or documentation.

Using the following test:

from flask import Flask
from flask_cors import CORS
import pytest

app = Flask(__name__)

@app.route('/')
def index():
    return 'Success'

CORS(app, origins=[r"https?://example.com"])

@pytest.mark.parametrize('origin, expected', [
    ('http://example.com', True),
    ('https://example.com', True),
    ('http://failure.com', False),
])
def test_regex_origin(origin, expected):

    with app.test_client() as client:
        response = client.get('/', headers={'origin': origin})

    assert ('Access-Control-Allow-Origin' in response.headers) == expected

Using 2.1.2:

$ pip freeze
click==6.6
Flask==0.11.1
Flask-Cors==2.1.2
itsdangerous==0.24
Jinja2==2.8
MarkupSafe==0.23
py==1.4.31
pytest==3.0.1
six==1.10.0
Werkzeug==0.11.11

$  py.test test.py
============================= test session starts ==============================
platform darwin -- Python 2.7.12, pytest-3.0.1, py-1.4.31, pluggy-0.3.1
rootdir: /private/tmp, inifile:
collected 3 items

test.py ...

=========================== 3 passed in 0.10 seconds ===========================

Upgrading to 3.0.0:

$  pip install flask-cors==3.0.0
Collecting flask-cors==3.0.0
  Using cached Flask_Cors-3.0.0-py2.py3-none-any.whl
Requirement already satisfied (use --upgrade to upgrade): Six in ./env-old/lib/python2.7/site-packages (from flask-cors==3.0.0)
Requirement already satisfied (use --upgrade to upgrade): Flask>=0.9 in ./env-old/lib/python2.7/site-packages (from flask-cors==3.0.0)
Requirement already satisfied (use --upgrade to upgrade): click>=2.0 in ./env-old/lib/python2.7/site-packages (from Flask>=0.9->flask-cors==3.0.0)
Requirement already satisfied (use --upgrade to upgrade): Jinja2>=2.4 in ./env-old/lib/python2.7/site-packages (from Flask>=0.9->flask-cors==3.0.0)
Requirement already satisfied (use --upgrade to upgrade): Werkzeug>=0.7 in ./env-old/lib/python2.7/site-packages (from Flask>=0.9->flask-cors==3.0.0)
Requirement already satisfied (use --upgrade to upgrade): itsdangerous>=0.21 in ./env-old/lib/python2.7/site-packages (from Flask>=0.9->flask-cors==3.0.0)
Requirement already satisfied (use --upgrade to upgrade): MarkupSafe in ./env-old/lib/python2.7/site-packages (from Jinja2>=2.4->Flask>=0.9->flask-cors==3.0.0)
Installing collected packages: flask-cors
  Found existing installation: Flask-Cors 2.1.2
    Uninstalling Flask-Cors-2.1.2:
      Successfully uninstalled Flask-Cors-2.1.2
Successfully installed flask-cors-3.0.0

$ pip freeze
click==6.6
Flask==0.11.1
Flask-Cors==3.0.0
itsdangerous==0.24
Jinja2==2.8
MarkupSafe==0.23
py==1.4.31
pytest==3.0.1
six==1.10.0
Werkzeug==0.11.11

$  py.test test.py
============================= test session starts ==============================
platform darwin -- Python 2.7.12, pytest-3.0.1, py-1.4.31, pluggy-0.3.1
rootdir: /private/tmp, inifile:
collected 3 items

test.py FF.

=================================== FAILURES ===================================
__________________ test_regex_origin[http://example.com-True] __________________

origin = 'http://example.com', expected = True

    @pytest.mark.parametrize('origin, expected', [
        ('http://example.com', True),
        ('https://example.com', True),
        ('http://failure.com', False),
    ])
    def test_regex_origin(origin, expected):

        with app.test_client() as client:
            response = client.get('/', headers={'origin': origin})

>       assert ('Access-Control-Allow-Origin' in response.headers) == expected
E       assert ('Access-Control-Allow-Origin' in Headers([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '7')])) == True
E        +  where Headers([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '7')]) = <Response streamed [200 OK]>.headers

test.py:23: AssertionError
_________________ test_regex_origin[https://example.com-True] __________________

origin = 'https://example.com', expected = True

    @pytest.mark.parametrize('origin, expected', [
        ('http://example.com', True),
        ('https://example.com', True),
        ('http://failure.com', False),
    ])
    def test_regex_origin(origin, expected):

        with app.test_client() as client:
            response = client.get('/', headers={'origin': origin})

>       assert ('Access-Control-Allow-Origin' in response.headers) == expected
E       assert ('Access-Control-Allow-Origin' in Headers([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '7')])) == True
E        +  where Headers([('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '7')]) = <Response streamed [200 OK]>.headers

test.py:23: AssertionError
====================== 2 failed, 1 passed in 0.14 seconds ======================

However, if I change the origins parameter to include both HTTP and HTTPS origins as regular strings:

11c11
< CORS(app, origins=[r"https?://example.com"])

---
> CORS(app, origins=["http://example.com", "https://example.com"])
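
Review bot: on the `<` line, the `.` in `https?://example.com` is unescaped, so read as a regular expression it also accepts a host like `exampleXcom`, and the pattern carries no end anchor. The two literal origins on the `>` line avoid both; if the pattern form is kept, write it as `https?://example\.com$` and add a near-miss origin to the parametrized cases with `False` expected.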

The tests pass:

$ py.test test.py
============================= test session starts ==============================
platform darwin -- Python 2.7.12, pytest-3.0.1, py-1.4.31, pluggy-0.3.1
rootdir: /private/tmp, inifile:
collected 3 items

test.py ...

=========================== 3 passed in 0.10 seconds ===========================
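
An added example, not part of the original issue and not Flask-Cors code: a literal such as `r"https?://example.com"` is an ordinary `str` at runtime, so this standalone matcher marks patterns explicitly with `re.compile()`, matches them against the whole origin, and extends the issue's three test origins with constructed near-miss origins. The names `ALLOWED`, `origin_allowed`, `cors_headers`, `prefix_match`, `run_cases` and the extra origins are assumptions made for the example.

```python
import re

# Constructed allow-list. A str entry is compared exactly; only an entry
# built with re.compile() is treated as a pattern, so nothing has to guess
# whether a string "looks like" a regex.
ALLOWED = [
    "http://localhost:5000",
    re.compile(r"https?://example\.com"),
]


def origin_allowed(origin, allowed=ALLOWED):
    """Return True if the Origin header value matches an allow-list entry."""
    if not origin:
        return False
    for entry in allowed:
        if isinstance(entry, re.Pattern):
            if entry.fullmatch(origin):  # whole value, not just a prefix
                return True
        elif origin.lower() == entry.lower():
            return True
    return False


def cors_headers(origin, allowed=ALLOWED):
    """Headers to add to a response: echo the origin only when it is allowed."""
    if origin_allowed(origin, allowed):
        return {"Access-Control-Allow-Origin": origin, "Vary": "Origin"}
    return {}


def prefix_match(origin, pattern=r"https?://example.com"):
    """Contrast case: the issue's pattern as written, under re.match()."""
    return re.match(pattern, origin) is not None


# The issue's three cases plus constructed near-miss origins.
CASES = [
    ("http://example.com", True),
    ("https://example.com", True),
    ("http://failure.com", False),
    ("http://exampleXcom", False),               # unescaped '.' would accept this
    ("https://example.com.failure.com", False),  # a prefix match would accept this
]


def run_cases(allowed=ALLOWED):
    """Return (origin, passed) for every case, mirroring the issue's assertion."""
    return [(o, ("Access-Control-Allow-Origin" in cors_headers(o, allowed)) == exp)
            for o, exp in CASES]
```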