Skip to content

Commit

Permalink
Merge pull request #1142 from ftsell/fix/oauth_login_window_opener
Browse files Browse the repository at this point in the history 
Fix builtin Swagger-UI OAuth login
  • Loading branch information
@tfranzel
tfranzel authored Mar 18, 2024
2 parents 4d6c93f + d3eb263 commit 06d3b47
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
3 changes: 3 additions & 0 deletions drf_spectacular/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,9 @@ def get(self, request, *args, **kwargs):
'schema_auth_names': self._dump(self._get_schema_auth_names()),
},
template_name=self.template_name,
headers={
"Cross-Origin-Opener-Policy": "unsafe-none",
}
)

def _dump(self, data):
Expand Down
7 changes: 7 additions & 0 deletions tests/test_view.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,13 @@ def test_spectacular_ui_with_raw_settings(no_warnings):
assert b'const swaggerSettings = {"deepLinking": true};\n' in response.content


@pytest.mark.urls(__name__)
def test_spectacular_ui_coop():
response = APIClient().get('/api/v2/schema/swagger-ui/')
assert response.status_code == 200
assert response["Cross-Origin-Opener-Policy"] == "unsafe-none"


@pytest.mark.urls(__name__)
def test_spectacular_ui_param_passthrough(no_warnings):
response = APIClient().get('/api/v2/schema/swagger-ui/?foo=bar&lang=jp&version=v2')
Expand Down

0 comments on commit 06d3b47

Please sign in to comment.