diff --git a/s3tests/functional/test_s3.py b/s3tests/functional/test_s3.py index 59130b3..56935ab 100644 --- a/s3tests/functional/test_s3.py +++ b/s3tests/functional/test_s3.py @@ -4330,6 +4330,8 @@ def test_cors_origin_response(): bucket.set_cors(cfg) + time.sleep(3) # waiting, since if running against amazon data consistency model is not strict read-after-write + url = _get_post_url(s3.main, bucket) _cors_request_and_check(requests.get, url, None, 200, None, None) @@ -4346,12 +4348,35 @@ def test_cors_origin_response(): obj_url = '{u}/{o}'.format(u=url, o='bar') _cors_request_and_check(requests.get, obj_url, {'Origin': 'foo.suffix'}, 404, 'foo.suffix', 'GET') - _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.suffix'}, 403, None, None) + _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.suffix', 'Access-Control-Request-Method': 'GET', + 'content-length': '0'}, 403, 'foo.suffix', 'GET') + _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.suffix', 'Access-Control-Request-Method': 'PUT', + 'content-length': '0'}, 403, None, None) + _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.suffix', 'Access-Control-Request-Method': 'DELETE', + 'content-length': '0'}, 403, None, None) + _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.suffix', 'content-length': '0'}, 403, None, None) - _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.put'}, 403, 'foo.put', 'PUT') + _cors_request_and_check(requests.put, obj_url, {'Origin': 'foo.put', 'content-length': '0'}, 403, 'foo.put', 'PUT') _cors_request_and_check(requests.get, obj_url, {'Origin': 'foo.suffix'}, 404, 'foo.suffix', 'GET') + _cors_request_and_check(requests.options, url, None, 400, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'foo.suffix'}, 400, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'bla'}, 400, None, None) + _cors_request_and_check(requests.options, obj_url, {'Origin': 'foo.suffix', 'Access-Control-Request-Method': 'GET', + 'content-length': '0'}, 200, 'foo.suffix', 'GET') + _cors_request_and_check(requests.options, url, {'Origin': 'foo.bar', 'Access-Control-Request-Method': 'GET'}, 403, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'foo.suffix.get', 'Access-Control-Request-Method': 'GET'}, 403, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'startend', 'Access-Control-Request-Method': 'GET'}, 200, 'startend', 'GET') + _cors_request_and_check(requests.options, url, {'Origin': 'start1end', 'Access-Control-Request-Method': 'GET'}, 200, 'start1end', 'GET') + _cors_request_and_check(requests.options, url, {'Origin': 'start12end', 'Access-Control-Request-Method': 'GET'}, 200, 'start12end', 'GET') + _cors_request_and_check(requests.options, url, {'Origin': '0start12end', 'Access-Control-Request-Method': 'GET'}, 403, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'prefix', 'Access-Control-Request-Method': 'GET'}, 200, 'prefix', 'GET') + _cors_request_and_check(requests.options, url, {'Origin': 'prefix.suffix', 'Access-Control-Request-Method': 'GET'}, 200, 'prefix.suffix', 'GET') + _cors_request_and_check(requests.options, url, {'Origin': 'bla.prefix', 'Access-Control-Request-Method': 'GET'}, 403, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'foo.put', 'Access-Control-Request-Method': 'GET'}, 403, None, None) + _cors_request_and_check(requests.options, url, {'Origin': 'foo.put', 'Access-Control-Request-Method': 'PUT'}, 200, 'foo.put', 'PUT') + class FakeFile(object): """