diff options
Diffstat (limited to 'api/websocket_test.go')
-rw-r--r-- | api/websocket_test.go | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/api/websocket_test.go b/api/websocket_test.go index 42604124b..0a39a012f 100644 --- a/api/websocket_test.go +++ b/api/websocket_test.go @@ -13,7 +13,6 @@ import ( "github.com/gorilla/websocket" "github.com/mattermost/mattermost-server/model" - "github.com/mattermost/mattermost-server/utils" ) /*func TestWebSocketAuthentication(t *testing.T) { @@ -343,7 +342,7 @@ func TestWebsocketOriginSecurity(t *testing.T) { } // Should succeed now because open CORS - *utils.Cfg.ServiceSettings.AllowCorsFrom = "*" + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowCorsFrom = "*" }) _, _, err = websocket.DefaultDialer.Dial(url+model.API_URL_SUFFIX_V3+"/users/websocket", http.Header{ "Origin": []string{"http://www.evil.com"}, }) @@ -352,7 +351,7 @@ func TestWebsocketOriginSecurity(t *testing.T) { } // Should succeed now because matching CORS - *utils.Cfg.ServiceSettings.AllowCorsFrom = "http://www.evil.com" + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowCorsFrom = "http://www.evil.com" }) _, _, err = websocket.DefaultDialer.Dial(url+model.API_URL_SUFFIX_V3+"/users/websocket", http.Header{ "Origin": []string{"http://www.evil.com"}, }) @@ -361,7 +360,7 @@ func TestWebsocketOriginSecurity(t *testing.T) { } // Should fail because non-matching CORS - *utils.Cfg.ServiceSettings.AllowCorsFrom = "http://www.good.com" + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowCorsFrom = "http://www.good.com" }) _, _, err = websocket.DefaultDialer.Dial(url+model.API_URL_SUFFIX_V3+"/users/websocket", http.Header{ "Origin": []string{"http://www.evil.com"}, }) @@ -370,7 +369,7 @@ func TestWebsocketOriginSecurity(t *testing.T) { } // Should fail because non-matching CORS - *utils.Cfg.ServiceSettings.AllowCorsFrom = "http://www.good.com" + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowCorsFrom = "http://www.good.com" }) _, _, err = websocket.DefaultDialer.Dial(url+model.API_URL_SUFFIX_V3+"/users/websocket", http.Header{ "Origin": []string{"http://www.good.co"}, }) @@ -378,5 +377,5 @@ func TestWebsocketOriginSecurity(t *testing.T) { t.Fatal("Should have errored because Origin does not match host! SECURITY ISSUE!") } - *utils.Cfg.ServiceSettings.AllowCorsFrom = "" + th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.AllowCorsFrom = "" }) } |