blob: c3cdae2cd21a34ba2bab02de1a53bda2338f9624 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe Oauth::TokensController do
it 'allows cross-origin POST requests' do
post '/oauth/token', headers: { 'Origin' => 'http://notgitlab.com' }
expect(response.headers['Access-Control-Allow-Origin']).to eq '*'
expect(response.headers['Access-Control-Allow-Methods']).to eq 'POST'
expect(response.headers['Access-Control-Allow-Headers']).to be_nil
expect(response.headers['Access-Control-Allow-Credentials']).to be_nil
end
end
|