core/tests/components/http/test_cors.py

"""Test cors for the HTTP component."""
from http import HTTPStatus
from pathlib import Path
from unittest.mock import patch

from aiohttp import web
from aiohttp.hdrs import (
    ACCESS_CONTROL_ALLOW_HEADERS,
    ACCESS_CONTROL_ALLOW_ORIGIN,
    ACCESS_CONTROL_REQUEST_HEADERS,
    ACCESS_CONTROL_REQUEST_METHOD,
    AUTHORIZATION,
    ORIGIN,
)
import pytest

from homeassistant.components.http.cors import setup_cors
from homeassistant.components.http.view import HomeAssistantView
from homeassistant.core import HomeAssistant
from homeassistant.setup import async_setup_component

from . import HTTP_HEADER_HA_AUTH

from tests.typing import ClientSessionGenerator

TRUSTED_ORIGIN = "https://home-assistant.io"


async def test_cors_middleware_loaded_by_default(hass: HomeAssistant) -> None:
    """Test accessing to server from banned IP when feature is off."""
    with patch("homeassistant.components.http.setup_cors") as mock_setup:
        await async_setup_component(hass, "http", {"http": {}})

    assert len(mock_setup.mock_calls) == 1


async def test_cors_middleware_loaded_from_config(hass: HomeAssistant) -> None:
    """Test accessing to server from banned IP when feature is off."""
    with patch("homeassistant.components.http.setup_cors") as mock_setup:
        await async_setup_component(
            hass,
            "http",
            {"http": {"cors_allowed_origins": ["http://home-assistant.io"]}},
        )

    assert len(mock_setup.mock_calls) == 1


async def mock_handler(request):
    """Return if request was authenticated."""
    return web.Response()


@pytest.fixture
def client(event_loop, aiohttp_client):
    """Fixture to set up a web.Application."""
    app = web.Application()
    setup_cors(app, [TRUSTED_ORIGIN])
    app["allow_configured_cors"](app.router.add_get("/", mock_handler))
    return event_loop.run_until_complete(aiohttp_client(app))


async def test_cors_requests(client) -> None:
    """Test cross origin requests."""
    req = await client.get("/", headers={ORIGIN: TRUSTED_ORIGIN})
    assert req.status == HTTPStatus.OK
    assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN

    # With password in URL
    req = await client.get(
        "/", params={"api_password": "some-pass"}, headers={ORIGIN: TRUSTED_ORIGIN}
    )
    assert req.status == HTTPStatus.OK
    assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN

    # With password in headers
    req = await client.get(
        "/", headers={HTTP_HEADER_HA_AUTH: "some-pass", ORIGIN: TRUSTED_ORIGIN}
    )
    assert req.status == HTTPStatus.OK
    assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN

    # With auth token in headers
    req = await client.get(
        "/", headers={AUTHORIZATION: "Bearer some-token", ORIGIN: TRUSTED_ORIGIN}
    )
    assert req.status == HTTPStatus.OK
    assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN


async def test_cors_preflight_allowed(client) -> None:
    """Test cross origin resource sharing preflight (OPTIONS) request."""
    req = await client.options(
        "/",
        headers={
            ORIGIN: TRUSTED_ORIGIN,
            ACCESS_CONTROL_REQUEST_METHOD: "GET",
            ACCESS_CONTROL_REQUEST_HEADERS: "x-requested-with",
        },
    )

    assert req.status == HTTPStatus.OK
    assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN
    assert req.headers[ACCESS_CONTROL_ALLOW_HEADERS] == "X-REQUESTED-WITH"


async def test_cors_middleware_with_cors_allowed_view(hass: HomeAssistant) -> None:
    """Test that we can configure cors and have a cors_allowed view."""

    class MyView(HomeAssistantView):
        """Test view that allows CORS."""

        requires_auth = False
        cors_allowed = True

        def __init__(self, url, name):
            """Initialize test view."""
            self.url = url
            self.name = name

        async def get(self, request):
            """Test response."""
            return "test"

    assert await async_setup_component(
        hass, "http", {"http": {"cors_allowed_origins": ["http://home-assistant.io"]}}
    )

    hass.http.register_view(MyView("/api/test", "api:test"))
    hass.http.register_view(MyView("/api/test", "api:test2"))
    hass.http.register_view(MyView("/api/test2", "api:test"))

    hass.http.app._on_startup.freeze()
    await hass.http.app.startup()


async def test_cors_works_with_frontend(
    hass: HomeAssistant, hass_client: ClientSessionGenerator
) -> None:
    """Test CORS works with the frontend."""
    assert await async_setup_component(
        hass,
        "frontend",
        {"http": {"cors_allowed_origins": ["http://home-assistant.io"]}},
    )
    client = await hass_client()
    resp = await client.get("/")
    assert resp.status == HTTPStatus.OK


async def test_cors_on_static_files(
    hass: HomeAssistant, hass_client: ClientSessionGenerator
) -> None:
    """Test that we enable CORS for static files."""
    assert await async_setup_component(
        hass, "frontend", {"http": {"cors_allowed_origins": ["http://www.example.com"]}}
    )
    hass.http.register_static_path("/something", str(Path(__file__).parent))

    client = await hass_client()
    resp = await client.options(
        "/something/__init__.py",
        headers={
            "origin": "http://www.example.com",
            ACCESS_CONTROL_REQUEST_METHOD: "GET",
        },
    )
    assert resp.status == HTTPStatus.OK
    assert resp.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == "http://www.example.com"
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`"""Test cors for the HTTP component."""`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`from http import HTTPStatus`
Allow cors for static files (#25468) 2019-07-25 11:52:27 +00:00			`from pathlib import Path`
Drop asynctest (#44746) 2021-01-01 21:31:56 +00:00			`from unittest.mock import patch`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
			`from aiohttp import web`
			`from aiohttp.hdrs import (`
			`ACCESS_CONTROL_ALLOW_HEADERS,`
Sort imports according to PEP8 for http (#29679) 2019-12-09 10:59:38 +00:00			`ACCESS_CONTROL_ALLOW_ORIGIN,`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`ACCESS_CONTROL_REQUEST_HEADERS,`
			`ACCESS_CONTROL_REQUEST_METHOD,`
Fix authorization header in cors (#21662) * Fix authorization headers in cors * Use aiohttp authorization header instead of custom const 2019-03-09 18:00:10 +00:00			`AUTHORIZATION,`
Black 2019-07-31 19:25:30 +00:00			`ORIGIN,`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`)`
			`import pytest`

			`from homeassistant.components.http.cors import setup_cors`
Fix CORS duplicate registration (#15670) 2018-07-25 09:36:44 +00:00			`from homeassistant.components.http.view import HomeAssistantView`
Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`from homeassistant.core import HomeAssistant`
Sort imports according to PEP8 for http (#29679) 2019-12-09 10:59:38 +00:00			`from homeassistant.setup import async_setup_component`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
Remove direct authentication via trusted networks or API password (#27656) * Remove direct authentication via trusted networks and API password * Fix tests 2019-10-14 21:56:45 +00:00			`from . import HTTP_HEADER_HA_AUTH`

Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`from tests.typing import ClientSessionGenerator`

Black 2019-07-31 19:25:30 +00:00			`TRUSTED_ORIGIN = "https://home-assistant.io"`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00

Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`async def test_cors_middleware_loaded_by_default(hass: HomeAssistant) -> None:`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`"""Test accessing to server from banned IP when feature is off."""`
Black 2019-07-31 19:25:30 +00:00			`with patch("homeassistant.components.http.setup_cors") as mock_setup:`
			`await async_setup_component(hass, "http", {"http": {}})`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
Allow CORS requests to token endpoint (#15519) * Allow CORS requests to token endpoint * Tests * Fuck emulated hue * Clean up * Only cors existing methods 2018-07-19 06:37:00 +00:00			`assert len(mock_setup.mock_calls) == 1`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00

Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`async def test_cors_middleware_loaded_from_config(hass: HomeAssistant) -> None:`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`"""Test accessing to server from banned IP when feature is off."""`
Black 2019-07-31 19:25:30 +00:00			`with patch("homeassistant.components.http.setup_cors") as mock_setup:`
			`await async_setup_component(`
			`hass,`
			`"http",`
			`{"http": {"cors_allowed_origins": ["http://home-assistant.io"]}},`
			`)`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
			`assert len(mock_setup.mock_calls) == 1`


Move HomeAssistantView to separate file. Convert http to async syntax. [skip ci] (#12982) * Move HomeAssistantView to separate file. Convert http to async syntax. * pylint * websocket api * update emulated_hue for async/await * Lint 2018-03-09 01:51:49 +00:00			`async def mock_handler(request):`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`"""Return if request was authenticated."""`
Remove redundant aiohttp response status=200 kwargs (#56417) * Remove redundant aiohttp response status=200 kwargs * Remove some more in h.c.auth * Restore explicit status=HTTP_OK for auth and webhook per review request 2021-09-21 17:51:12 +00:00			`return web.Response()`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00

			`@pytest.fixture`
Upgrade pytest-aiohttp (#82475) * Upgrade pytest-aiohttp * Make sure executors, tasks and timers are closed Some test will trigger warnings on garbage collect, these warnings spills over into next test. Some test trigger tasks that raise errors on shutdown, these spill over into next test. This is to mimic older pytest-aiohttp and it's behaviour on test cleanup. Discussions on similar changes for pytest-aiohttp are here: https://github.com/pytest-dev/pytest-asyncio/pull/309 * Replace loop with event_loop * Make sure time is frozen for tests * Make sure the ConditionType is not async /home-assistant/homeassistant/helpers/template.py:2082: RuntimeWarning: coroutine 'AsyncMockMixin._execute_mock_call' was never awaited def wrapper(args, kwargs): Enable tracemalloc to get traceback where the object was allocated. See https://docs.pytest.org/en/stable/how-to/capture-warnings.html#resource-warnings for more info. Increase litejet press tests with a factor 10 The times are simulated anyway, and we can't stop the normal event from occuring. * Use async handlers for aiohttp tests/components/motioneye/test_camera.py::test_get_still_image_from_camera tests/components/motioneye/test_camera.py::test_get_still_image_from_camera tests/components/motioneye/test_camera.py::test_get_stream_from_camera tests/components/motioneye/test_camera.py::test_get_stream_from_camera tests/components/motioneye/test_camera.py::test_camera_option_stream_url_template tests/components/motioneye/test_camera.py::test_camera_option_stream_url_template /Users/joakim/src/hass/home-assistant/venv/lib/python3.9/site-packages/aiohttp/web_urldispatcher.py:189: DeprecationWarning: Bare functions are deprecated, use async ones warnings.warn( * Switch to freezegun in modbus tests The tests allowed clock to tick in between steps * Make sure skybell object are fully mocked Old tests would trigger attempts to post to could services: ``` DEBUG:aioskybell:HTTP post https://cloud.myskybell.com/api/v3/login/ Request with headers: {'content-type': 'application/json', 'accept': '/', 'x-skybell-app-id': 'd2b542c7-a7e4-4e1e-b77d-2b76911c7c46', 'x-skybell-client-id': '1f36a3c0-6dee-4997-a6db-4e1c67338e57'} ``` * Fix sorting that broke after rebase 2022-11-29 21:36:36 +00:00			`def client(event_loop, aiohttp_client):`
Grammar and spelling fixes (#16065) 2018-08-19 20:29:08 +00:00			`"""Fixture to set up a web.Application."""`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`app = web.Application()`
			`setup_cors(app, [TRUSTED_ORIGIN])`
Fix CORS (#59360) * Fix CORS * rename * Update view.py 2021-11-09 17:30:51 +00:00			`app["allow_configured_cors"](app.router.add_get("/", mock_handler))`
Upgrade pytest-aiohttp (#82475) * Upgrade pytest-aiohttp * Make sure executors, tasks and timers are closed Some test will trigger warnings on garbage collect, these warnings spills over into next test. Some test trigger tasks that raise errors on shutdown, these spill over into next test. This is to mimic older pytest-aiohttp and it's behaviour on test cleanup. Discussions on similar changes for pytest-aiohttp are here: https://github.com/pytest-dev/pytest-asyncio/pull/309 * Replace loop with event_loop * Make sure time is frozen for tests * Make sure the ConditionType is not async /home-assistant/homeassistant/helpers/template.py:2082: RuntimeWarning: coroutine 'AsyncMockMixin._execute_mock_call' was never awaited def wrapper(args, kwargs): Enable tracemalloc to get traceback where the object was allocated. See https://docs.pytest.org/en/stable/how-to/capture-warnings.html#resource-warnings for more info. Increase litejet press tests with a factor 10 The times are simulated anyway, and we can't stop the normal event from occuring. * Use async handlers for aiohttp tests/components/motioneye/test_camera.py::test_get_still_image_from_camera tests/components/motioneye/test_camera.py::test_get_still_image_from_camera tests/components/motioneye/test_camera.py::test_get_stream_from_camera tests/components/motioneye/test_camera.py::test_get_stream_from_camera tests/components/motioneye/test_camera.py::test_camera_option_stream_url_template tests/components/motioneye/test_camera.py::test_camera_option_stream_url_template /Users/joakim/src/hass/home-assistant/venv/lib/python3.9/site-packages/aiohttp/web_urldispatcher.py:189: DeprecationWarning: Bare functions are deprecated, use async ones warnings.warn( * Switch to freezegun in modbus tests The tests allowed clock to tick in between steps * Make sure skybell object are fully mocked Old tests would trigger attempts to post to could services: ``` DEBUG:aioskybell:HTTP post https://cloud.myskybell.com/api/v3/login/ Request with headers: {'content-type': 'application/json', 'accept': '/', 'x-skybell-app-id': 'd2b542c7-a7e4-4e1e-b77d-2b76911c7c46', 'x-skybell-client-id': '1f36a3c0-6dee-4997-a6db-4e1c67338e57'} ``` * Fix sorting that broke after rebase 2022-11-29 21:36:36 +00:00			`return event_loop.run_until_complete(aiohttp_client(app))`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00

Add type hints to integration tests (part 10) (#87985) 2023-02-13 09:25:26 +00:00			`async def test_cors_requests(client) -> None:`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`"""Test cross origin requests."""`
Black 2019-07-31 19:25:30 +00:00			`req = await client.get("/", headers={ORIGIN: TRUSTED_ORIGIN})`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert req.status == HTTPStatus.OK`
Black 2019-07-31 19:25:30 +00:00			`assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
			`# With password in URL`
Black 2019-07-31 19:25:30 +00:00			`req = await client.get(`
			`"/", params={"api_password": "some-pass"}, headers={ORIGIN: TRUSTED_ORIGIN}`
			`)`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert req.status == HTTPStatus.OK`
Black 2019-07-31 19:25:30 +00:00			`assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
			`# With password in headers`
Black 2019-07-31 19:25:30 +00:00			`req = await client.get(`
			`"/", headers={HTTP_HEADER_HA_AUTH: "some-pass", ORIGIN: TRUSTED_ORIGIN}`
			`)`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert req.status == HTTPStatus.OK`
Black 2019-07-31 19:25:30 +00:00			`assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
Fix authorization header in cors (#21662) * Fix authorization headers in cors * Use aiohttp authorization header instead of custom const 2019-03-09 18:00:10 +00:00			`# With auth token in headers`
Black 2019-07-31 19:25:30 +00:00			`req = await client.get(`
			`"/", headers={AUTHORIZATION: "Bearer some-token", ORIGIN: TRUSTED_ORIGIN}`
			`)`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert req.status == HTTPStatus.OK`
Black 2019-07-31 19:25:30 +00:00			`assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN`
Fix authorization header in cors (#21662) * Fix authorization headers in cors * Use aiohttp authorization header instead of custom const 2019-03-09 18:00:10 +00:00
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
Add type hints to integration tests (part 10) (#87985) 2023-02-13 09:25:26 +00:00			`async def test_cors_preflight_allowed(client) -> None:`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`"""Test cross origin resource sharing preflight (OPTIONS) request."""`
Black 2019-07-31 19:25:30 +00:00			`req = await client.options(`
			`"/",`
			`headers={`
			`ORIGIN: TRUSTED_ORIGIN,`
			`ACCESS_CONTROL_REQUEST_METHOD: "GET",`
Remove direct authentication via trusted networks or API password (#27656) * Remove direct authentication via trusted networks and API password * Fix tests 2019-10-14 21:56:45 +00:00			`ACCESS_CONTROL_REQUEST_HEADERS: "x-requested-with",`
Black 2019-07-31 19:25:30 +00:00			`},`
			`)`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert req.status == HTTPStatus.OK`
Cleanup http (#12424) * Clean up HTTP component * Clean up HTTP mock * Remove unused import * Fix test * Lint 2018-02-15 21:06:14 +00:00			`assert req.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == TRUSTED_ORIGIN`
Remove direct authentication via trusted networks or API password (#27656) * Remove direct authentication via trusted networks and API password * Fix tests 2019-10-14 21:56:45 +00:00			`assert req.headers[ACCESS_CONTROL_ALLOW_HEADERS] == "X-REQUESTED-WITH"`
Fix CORS duplicate registration (#15670) 2018-07-25 09:36:44 +00:00

Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`async def test_cors_middleware_with_cors_allowed_view(hass: HomeAssistant) -> None:`
Fix CORS duplicate registration (#15670) 2018-07-25 09:36:44 +00:00			`"""Test that we can configure cors and have a cors_allowed view."""`
Black 2019-07-31 19:25:30 +00:00
Fix CORS duplicate registration (#15670) 2018-07-25 09:36:44 +00:00			`class MyView(HomeAssistantView):`
			`"""Test view that allows CORS."""`

			`requires_auth = False`
			`cors_allowed = True`

			`def __init__(self, url, name):`
			`"""Initialize test view."""`
			`self.url = url`
			`self.name = name`

			`async def get(self, request):`
			`"""Test response."""`
			`return "test"`

Black 2019-07-31 19:25:30 +00:00			`assert await async_setup_component(`
			`hass, "http", {"http": {"cors_allowed_origins": ["http://home-assistant.io"]}}`
			`)`
Fix CORS duplicate registration (#15670) 2018-07-25 09:36:44 +00:00
Black 2019-07-31 19:25:30 +00:00			`hass.http.register_view(MyView("/api/test", "api:test"))`
			`hass.http.register_view(MyView("/api/test", "api:test2"))`
			`hass.http.register_view(MyView("/api/test2", "api:test"))`
Fix CORS duplicate registration (#15670) 2018-07-25 09:36:44 +00:00
			`hass.http.app._on_startup.freeze()`
			`await hass.http.app.startup()`
Fix cors on the index view (#24283) 2019-06-03 18:43:13 +00:00

Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`async def test_cors_works_with_frontend(`
			`hass: HomeAssistant, hass_client: ClientSessionGenerator`
			`) -> None:`
Fix cors on the index view (#24283) 2019-06-03 18:43:13 +00:00			`"""Test CORS works with the frontend."""`
Black 2019-07-31 19:25:30 +00:00			`assert await async_setup_component(`
			`hass,`
			`"frontend",`
			`{"http": {"cors_allowed_origins": ["http://home-assistant.io"]}},`
			`)`
Fix cors on the index view (#24283) 2019-06-03 18:43:13 +00:00			`client = await hass_client()`
Black 2019-07-31 19:25:30 +00:00			`resp = await client.get("/")`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert resp.status == HTTPStatus.OK`
Allow cors for static files (#25468) 2019-07-25 11:52:27 +00:00

Add type hints to integration tests (h-i) (#87703) 2023-02-08 17:12:56 +00:00			`async def test_cors_on_static_files(`
			`hass: HomeAssistant, hass_client: ClientSessionGenerator`
			`) -> None:`
Allow cors for static files (#25468) 2019-07-25 11:52:27 +00:00			`"""Test that we enable CORS for static files."""`
Black 2019-07-31 19:25:30 +00:00			`assert await async_setup_component(`
			`hass, "frontend", {"http": {"cors_allowed_origins": ["http://www.example.com"]}}`
			`)`
			`hass.http.register_static_path("/something", str(Path(__file__).parent))`
Allow cors for static files (#25468) 2019-07-25 11:52:27 +00:00
			`client = await hass_client()`
Black 2019-07-31 19:25:30 +00:00			`resp = await client.options(`
			`"/something/__init__.py",`
			`headers={`
			`"origin": "http://www.example.com",`
			`ACCESS_CONTROL_REQUEST_METHOD: "GET",`
			`},`
			`)`
Use http.HTTPStatus in components/[gh]* (#58246) 2021-10-23 18:34:53 +00:00			`assert resp.status == HTTPStatus.OK`
Black 2019-07-31 19:25:30 +00:00			`assert resp.headers[ACCESS_CONTROL_ALLOW_ORIGIN] == "http://www.example.com"`