GitHub/kill-the-news
1
0
Fork 0
mirror of https://github.com/juherr/kill-the-news.git synced 2026-06-20 22:03:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3ad0188bc08c10c1914bc00fa4c4586102be64e9
kill-the-news/src/index.test.ts
T
Julien Herr fd6a1a945f feat(landing): show animated live demo stats counters 
Add a "Live from the demo instance" section to the landing page that
fetches feeds_created and emails_received from the demo /api/stats and
counts them up on scroll into view. Make /api/stats publicly readable
(CORS *) and refresh the stale allowlist origins to kill-the.news.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-23 10:09:13 +02:00

57 lines
1.7 KiB
TypeScript
Raw Blame History

import { describe, it, expect } from "vitest";
import worker from "./index";
import { createMockEnv } from "./test/setup";
import type { Env } from "./types";
const env = createMockEnv();
function req(path: string, init: RequestInit = {}): Request {
return new Request(`https://test.getmynews.app${path}`, init);
}
describe("CORS middleware", () => {
it("adds CORS headers for an allowed origin", async () => {
const res = await worker.fetch(
req("/rss/some-feed", { headers: { Origin: "https://kill-the.news" } }),
env as unknown as Env,
);
expect(res.headers.get("Access-Control-Allow-Origin")).toBe(
"https://kill-the.news",
);
});
it("omits CORS headers for an unknown origin", async () => {
const res = await worker.fetch(
req("/rss/some-feed", { headers: { Origin: "https://evil.com" } }),
env as unknown as Env,
);
expect(res.headers.get("Access-Control-Allow-Origin")).toBeNull();
});
it("handles OPTIONS preflight for an allowed origin with 204", async () => {
const res = await worker.fetch(
req("/rss/some-feed", {
method: "OPTIONS",
headers: {
Origin: "https://kill-the.news",
"Access-Control-Request-Method": "GET",
},
}),
env as unknown as Env,
);
expect(res.status).toBe(204);
expect(res.headers.get("Access-Control-Allow-Origin")).toBe(
"https://kill-the.news",
);
});
it("makes /api/stats readable from any origin", async () => {
const res = await worker.fetch(
req("/api/stats", { headers: { Origin: "https://example.com" } }),
env as unknown as Env,
);
expect(res.status).toBe(200);
expect(res.headers.get("Access-Control-Allow-Origin")).toBe("*");
});
});
Reference in New Issue View Git Blame Copy Permalink