diff --git a/flask_cors/core.py b/flask_cors/core.py index c46f72d..09150ea 100644 --- a/flask_cors/core.py +++ b/flask_cors/core.py @@ -246,9 +246,10 @@ def probably_regex(maybe_regex): if isinstance(maybe_regex, RegexObject): return True else: + common_regex_chars = ['*','\\',']', '?'] # Use common characters used in regular expressions as a proxy # for if this string is in fact a regex. - return any((c in maybe_regex for c in ['*','\\',']'])) + return any((c in maybe_regex for c in common_regex_chars)) def re_fix(reg): """ diff --git a/tests/core/helper_tests.py b/tests/core/helper_tests.py index 5501ff8..ce71e6a 100644 --- a/tests/core/helper_tests.py +++ b/tests/core/helper_tests.py @@ -90,3 +90,4 @@ def test_probably_regex(self): self.assertFalse(probably_regex("http://example.com")) self.assertTrue(probably_regex("http://[\w].example.com")) self.assertTrue(probably_regex("http://\w+.example.com")) + self.assertTrue(probably_regex("https?://example.com")) diff --git a/tests/decorator/test_origins.py b/tests/decorator/test_origins.py index 743dd3c..099b2ff 100644 --- a/tests/decorator/test_origins.py +++ b/tests/decorator/test_origins.py @@ -76,6 +76,11 @@ def test_regex_list(): def test_regex_mixed_list(): return '' + @self.app.route('/test_multiple_protocols') + @cross_origin(origins="https?://example.com") + def test_multiple_protocols(): + return '' + def test_defaults_no_origin(self): ''' If there is no Origin header in the request, the Access-Control-Allow-Origin header should be '*' by default. @@ -188,6 +193,12 @@ def test_regex_mixed_list(self): self.assertEquals("http://example.com", self.get('/test_regex_mixed_list', origin='http://example.com').headers.get(ACL_ORIGIN)) + def test_multiple_protocols(self): + import logging + logging.getLogger('flask_cors').level = logging.DEBUG + resp = self.get('test_multiple_protocols', origin='https://example.com') + self.assertEqual('https://example.com', resp.headers.get(ACL_ORIGIN)) + if __name__ == "__main__": unittest.main()