search

mock-server / mockserver

MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and SOCKS Proxying (i.e. dynamic port forwarding).
http://mock-server.com
Apache License 2.0
4.57k stars 1.07k forks source link

Disable CORS not working with JavaScript client #501

Closed ghost closed 5 years ago

ghost commented 6 years ago

Hi,

I'm running the mock server standalone (also tried running the version installed with homebrew), then I'm using the JavaScript client to set expectations:

mockServerClient('localhost', 3010).mockAnyResponse({
  httpRequest: {
    method: 'OPTIONS',
    path: '/oauth/token',
  },
  httpResponse: {
    statusCode: 200,
    headers: [
      {
        name: 'Access-Control-Allow-Headers',
        values: ['x-requested-with', 'authorization', 'content-type']
      },
      {
        name: 'Access-Control-Allow-Methods',
        values: ['GET', 'POST', 'PUT', 'OPTIONS', 'DELETE']
      },
      {
        name: 'Access-Control-Allow-Origin',
        values: ['*']
      },
      {
        name: 'Access-Control-Max-Age',
        values: ['3600']
      }
    ]
  }
})

I have tried lots of different options to disable CORS when booting the mock server, but I still seem to get responses back with the X-CORS header, along with the default headers that are added when CORS is switched on, and all of my headers specified in the expectation are missing.

X-CORS: MockServer CORS support enabled by default, to disable ConfigurationProperties.enableCORSForAPI(false) or -Dmockserver.disableCORS=false

I have tried booting the mock server in different way to disable CORS:

mockserver -serverPort 3010 -Dmockserver.disableCORS true
java -Dmockserver.disableCORS=true -jar "./test/mockserver-netty-5.3.0-jar-with-dependencies.jar" -serverPort 3010
java -DenableCORSForAllResponses=false -jar "./test/mockserver-netty-5.3.0-jar-with-dependencies.jar" -serverPort 3010

But I'm still getting the mock server CORS headers. Am I missing something?

Everything else seems to be working. Sending the requests in Postman respond with what is defined in the expectation.

I'm starting to believe there might be something wrong with the CORS stuff when using the JavaScript client, but it may also be something I'm doing wrong. I need help!

It's also worth mentioning that when I send the request in Postman, I can see the log in the terminal and mock server is telling me it's received a request and is responding. But when the request is sent by the browser, the terminal doesn't tell me anything. The request is still going to mock server though because it's adding the X-CORS: MockServer CORS support enabled by default ... header. I'm not sure if this is related or if it helps, just something I've noticed.

ghost commented 6 years ago

Managed to get it working with

java -Dmockserver.enableCORSForAPI=false -jar "./test/mockserver-netty-5.3.0-jar-with-dependencies.jar" -serverPort 3010

-Dmockserver.enableCORSForAPI=false

I found the answer here: https://github.com/jamesdbloom/mockserver/issues/429

The arguments you can pass are almost the same, pretty easy to miss where you've gone wrong.

jamesdbloom commented 5 years ago

The documentation has been updated so closing issue