Skip to content

Commit

Permalink
fix: allow methods check (#8968)
Browse files Browse the repository at this point in the history
fixes #8967
  • Loading branch information
eltigerchino authored Feb 9, 2023
1 parent 15c2777 commit bef54f6
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 1 deletion.
5 changes: 5 additions & 0 deletions .changeset/dirty-days-fix.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@sveltejs/kit': patch
---

fix: correctly include exported http methods in allow header
2 changes: 1 addition & 1 deletion packages/kit/src/runtime/server/utils.js
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ export function method_not_allowed(mod, method) {
export function allowed_methods(mod) {
const allowed = [];

for (const method in ['GET', 'POST', 'PUT', 'PATCH', 'DELETE']) {
for (const method of ['GET', 'POST', 'PUT', 'PATCH', 'DELETE']) {
if (method in mod) allowed.push(method);
}

Expand Down
7 changes: 7 additions & 0 deletions packages/kit/test/apps/basics/test/server.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,13 @@ test.describe('Endpoints', () => {
});
});

test('invalid request method returns allow header', async ({ request }) => {
const response = await request.post('/endpoint-output/body');

expect(response.status()).toBe(405);
expect(response.headers()['allow'].includes('GET'));
});

// TODO all the remaining tests in this section are really only testing
// setResponse, since we're not otherwise changing anything on the response.
// might be worth making these unit tests instead
Expand Down

0 comments on commit bef54f6

Please sign in to comment.