Fix #313 - Do not treat OPTIONS [base]/foo as a request for server's
conformance statement. Thanks to Michael Lawley for reporting!
This commit is contained in:
parent
270ba270cc
commit
452316aed7
|
@ -81,7 +81,9 @@ public class ConformanceMethodBinding extends BaseResourceReturningMethodBinding
|
|||
@Override
|
||||
public boolean incomingServerRequestMatchesMethod(RequestDetails theRequest) {
|
||||
if (theRequest.getRequestType() == RequestTypeEnum.OPTIONS) {
|
||||
return true;
|
||||
if (theRequest.getOperation() == null && theRequest.getResourceName() == null) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
if (theRequest.getResourceName() != null) {
|
||||
|
|
|
@ -36,9 +36,11 @@ import ca.uhn.fhir.util.PortUtil;
|
|||
public class ServerFeaturesDstu2Test {
|
||||
|
||||
private static CloseableHttpClient ourClient;
|
||||
private static FhirContext ourCtx = FhirContext.forDstu2();
|
||||
private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(ServerFeaturesDstu2Test.class);
|
||||
private static int ourPort;
|
||||
private static Server ourServer;
|
||||
private static FhirContext ourCtx = FhirContext.forDstu2();
|
||||
|
||||
private static RestfulServer ourServlet;
|
||||
|
||||
@Test
|
||||
|
@ -50,6 +52,72 @@ public class ServerFeaturesDstu2Test {
|
|||
|
||||
assertEquals(200, status.getStatusLine().getStatusCode());
|
||||
assertThat(responseContent, containsString("<Conformance"));
|
||||
|
||||
/*
|
||||
* Now with a leading /
|
||||
*/
|
||||
|
||||
httpGet = new HttpOptions("http://localhost:" + ourPort + "/");
|
||||
status = ourClient.execute(httpGet);
|
||||
responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
assertEquals(200, status.getStatusLine().getStatusCode());
|
||||
assertThat(responseContent, containsString("<Conformance"));
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* See #313
|
||||
*/
|
||||
@Test
|
||||
public void testOptionsForNonBasePath1() throws Exception {
|
||||
HttpOptions httpGet = new HttpOptions("http://localhost:" + ourPort + "/Foo");
|
||||
HttpResponse status = ourClient.execute(httpGet);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
ourLog.info(responseContent);
|
||||
assertEquals(400, status.getStatusLine().getStatusCode());
|
||||
}
|
||||
|
||||
/**
|
||||
* See #313
|
||||
*/
|
||||
@Test
|
||||
public void testOptionsForNonBasePath3() throws Exception {
|
||||
HttpOptions httpGet = new HttpOptions("http://localhost:" + ourPort + "/metadata");
|
||||
HttpResponse status = ourClient.execute(httpGet);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
ourLog.info(responseContent);
|
||||
assertEquals(405, status.getStatusLine().getStatusCode());
|
||||
}
|
||||
|
||||
/**
|
||||
* See #313
|
||||
*/
|
||||
@Test
|
||||
public void testOptionsForNonBasePath2() throws Exception {
|
||||
HttpOptions httpGet = new HttpOptions("http://localhost:" + ourPort + "/Patient/1");
|
||||
HttpResponse status = ourClient.execute(httpGet);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
ourLog.info(responseContent);
|
||||
assertEquals(400, status.getStatusLine().getStatusCode());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testOptionsJson() throws Exception {
|
||||
HttpOptions httpGet = new HttpOptions("http://localhost:" + ourPort + "?_format=json");
|
||||
HttpResponse status = ourClient.execute(httpGet);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
assertEquals(200, status.getStatusLine().getStatusCode());
|
||||
assertThat(responseContent, containsString("resourceType\":\"Conformance"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -77,17 +145,6 @@ public class ServerFeaturesDstu2Test {
|
|||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testOptionsJson() throws Exception {
|
||||
HttpOptions httpGet = new HttpOptions("http://localhost:" + ourPort + "?_format=json");
|
||||
HttpResponse status = ourClient.execute(httpGet);
|
||||
String responseContent = IOUtils.toString(status.getEntity().getContent());
|
||||
IOUtils.closeQuietly(status.getEntity().getContent());
|
||||
|
||||
assertEquals(200, status.getStatusLine().getStatusCode());
|
||||
assertThat(responseContent, containsString("resourceType\":\"Conformance"));
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void afterClass() throws Exception {
|
||||
ourServer.stop();
|
||||
|
@ -119,6 +176,11 @@ public class ServerFeaturesDstu2Test {
|
|||
|
||||
public static class DummyPatientResourceProvider implements IResourceProvider {
|
||||
|
||||
@Override
|
||||
public Class<? extends IResource> getResourceType() {
|
||||
return Patient.class;
|
||||
}
|
||||
|
||||
@Read
|
||||
public Patient read(@IdParam IdDt theId) {
|
||||
Patient p1 = new Patient();
|
||||
|
@ -127,15 +189,15 @@ public class ServerFeaturesDstu2Test {
|
|||
return p1;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static class DummyPatientResourceProvider2 implements IResourceProvider {
|
||||
|
||||
@Override
|
||||
public Class<? extends IResource> getResourceType() {
|
||||
return Patient.class;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static class DummyPatientResourceProvider2 implements IResourceProvider {
|
||||
|
||||
@Read
|
||||
public Patient read(@IdParam IdDt theId) {
|
||||
Patient p1 = new Patient();
|
||||
|
@ -144,11 +206,6 @@ public class ServerFeaturesDstu2Test {
|
|||
return p1;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Class<? extends IResource> getResourceType() {
|
||||
return Patient.class;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -224,6 +224,12 @@
|
|||
field in the deserialized object could not be
|
||||
modified. Thanks to Thomas Andersen for reporting!
|
||||
</action>
|
||||
<action type="fix" issue="313">
|
||||
REST Server responded to HTTP OPTIONS requests with
|
||||
any URI as being a request for the server's
|
||||
Conformance statement. This is incorrect, as only
|
||||
a request for <![CDATA[<code>OPTIONS [base url]</code>]]> should be treated as such. Thanks to Michael Lawley for reporting!
|
||||
</action>
|
||||
</release>
|
||||
<release version="1.4" date="2016-02-04">
|
||||
<action type="add">
|
||||
|
|
Loading…
Reference in New Issue