Remove tests that expect signature failure on OPTIONS preflight

References #411.
gaul · Feb 7, 2024 · 435eb37 · 435eb37
1 parent b1453bd
commit 435eb37
Showing 1 changed file with 0 additions and 52 deletions.
diff --git a/src/test/java/org/gaul/s3proxy/CrossOriginResourceSharingResponseTest.java b/src/test/java/org/gaul/s3proxy/CrossOriginResourceSharingResponseTest.java
@@ -137,58 +137,6 @@ public void tearDown() throws Exception {
         }
     }
 
-    @Test
-    public void testCorsPreflightNegative() throws Exception {
-        // No CORS headers
-        HttpOptions request = new HttpOptions(presignedGET);
-        HttpResponse response = httpClient.execute(request);
-        /*
-         * For non presigned URLs that should give a 400, but the
-         * Access-Control-Request-Method header is needed for presigned URLs
-         * to calculate the same signature. If this is missing it fails already
-         * with 403 - Signature mismatch before processing the OPTIONS request
-         * See testCorsPreflightPublicRead for that cases
-         */
-        assertThat(response.getStatusLine().getStatusCode())
-                .isEqualTo(HttpStatus.SC_FORBIDDEN);
-
-        // Not allowed origin
-        request.reset();
-        request.setHeader(HttpHeaders.ORIGIN, "https://example.org");
-        request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
-        response = httpClient.execute(request);
-        assertThat(response.getStatusLine().getStatusCode())
-                .isEqualTo(HttpStatus.SC_FORBIDDEN);
-
-        // Not allowed method
-        request.reset();
-        request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
-        request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "PATCH");
-        response = httpClient.execute(request);
-        assertThat(response.getStatusLine().getStatusCode())
-                .isEqualTo(HttpStatus.SC_FORBIDDEN);
-
-        // Not allowed header
-        request.reset();
-        request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
-        request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
-        request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
-              "Accept-Encoding");
-        response = httpClient.execute(request);
-        assertThat(response.getStatusLine().getStatusCode())
-                .isEqualTo(HttpStatus.SC_FORBIDDEN);
-
-        // Not allowed header combination
-        request.reset();
-        request.setHeader(HttpHeaders.ORIGIN, "https://example.com");
-        request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD, "GET");
-        request.setHeader(HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS,
-                "Accept, Accept-Encoding");
-        response = httpClient.execute(request);
-        assertThat(response.getStatusLine().getStatusCode())
-                .isEqualTo(HttpStatus.SC_FORBIDDEN);
-    }
-
     @Test
     public void testCorsPreflight() throws Exception {
         // Allowed origin and method