From 85c2d5a478008cfa9030e1bddc23fa91e232a573 Mon Sep 17 00:00:00 2001
From: George Goldberg <george@gberg.me>
Date: Thu, 4 May 2017 22:21:28 +0100
Subject: PLT-6393: Fix Websocket CORS header check. (#6335)

---
 api/websocket_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'api')

diff --git a/api/websocket_test.go b/api/websocket_test.go
index bda014f06..a65ebc02e 100644
--- a/api/websocket_test.go
+++ b/api/websocket_test.go
@@ -345,7 +345,7 @@ func TestWebsocketOriginSecurity(t *testing.T) {
 	}
 
 	// Should succeed now because matching CORS
-	*utils.Cfg.ServiceSettings.AllowCorsFrom = "www.evil.com"
+	*utils.Cfg.ServiceSettings.AllowCorsFrom = "http://www.evil.com"
 	_, _, err = websocket.DefaultDialer.Dial(url+model.API_URL_SUFFIX_V3+"/users/websocket", http.Header{
 		"Origin": []string{"http://www.evil.com"},
 	})
@@ -354,7 +354,7 @@ func TestWebsocketOriginSecurity(t *testing.T) {
 	}
 
 	// Should fail because non-matching CORS
-	*utils.Cfg.ServiceSettings.AllowCorsFrom = "www.good.com"
+	*utils.Cfg.ServiceSettings.AllowCorsFrom = "http://www.good.com"
 	_, _, err = websocket.DefaultDialer.Dial(url+model.API_URL_SUFFIX_V3+"/users/websocket", http.Header{
 		"Origin": []string{"http://www.evil.com"},
 	})
-- 
cgit v1.2.3-1-g7c22