Maintenance: cors is opt out if enabled

[tonnico]

Why is this needed?

Some cors tests did not opt out for non-cors endpoints.

def test_cors_allow_all_request_origins():
    # GIVEN a function with cors=True
    # AND http method set to GET
    app = ApiGatewayResolver(
        cors=CORSConfig(
            allow_origin="*",
            allow_credentials=True,
        ),
    )

    @app.get("/my/path", cors=True)
    def with_cors() -> Response:
        return Response(200, content_types.TEXT_HTML, "test")

    @app.get("/without-cors")
    def without_cors() -> Response:
        return Response(200, content_types.TEXT_HTML, "test")

Which area does this relate to?

Tests

Solution

opt out cors instead of opt-in.

def test_cors_allow_all_request_origins():
    # GIVEN a function
    # AND http method set to GET
    app = ApiGatewayResolver(
        cors=CORSConfig(
            allow_origin="*",
            allow_credentials=True,
        ),
    )

    @app.get("/my/path")
    def with_cors() -> Response:
        return Response(200, content_types.TEXT_HTML, "test")

    @app.get("/without-cors", cors=False)
    def without_cors() -> Response:
        return Response(200, content_types.TEXT_HTML, "test")

Acknowledgment

• This request meets Powertools for AWS Lambda (Python) Tenets
• Should this be considered in other Powertools for AWS Lambda languages? i.e. Java, TypeScript, and .NET

[leandrodamascena]

Nice one @wurstnase! Thanks!

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

This issue is now closed. Please be mindful that future comments are hard for our team to see.

If you need more assistance, please either tag a team member or open a new issue that references this one.

If you wish to keep having a conversation with other community members under this issue feel free to do so.