Temporarily disable cors zmscitizenapi (#795)

* disable cors middleware

* Update CorsMiddlewareTest.php

* Update CorsMiddlewareTest.php

* Update bootstrap.php

* Update SecurityHeadersMiddlewareTest.php

zmscitizenapi/bootstrap.php

@@ -42,8 +42,8 @@
 // Security middleware (order is important)
 App::$slim->add(new \BO\Zmscitizenapi\Middleware\LanguageMiddleware($logger));
 App::$slim->add(new \BO\Zmscitizenapi\Middleware\RequestLoggingMiddleware($logger));
-App::$slim->add(new \BO\Zmscitizenapi\Middleware\SecurityHeadersMiddleware($logger));
-App::$slim->add(new \BO\Zmscitizenapi\Middleware\CorsMiddleware($logger));
+//App::$slim->add(new \BO\Zmscitizenapi\Middleware\SecurityHeadersMiddleware($logger));
+//App::$slim->add(new \BO\Zmscitizenapi\Middleware\CorsMiddleware($logger));
 //App::$slim->add(new \BO\Zmscitizenapi\Middleware\CsrfMiddleware($logger));
 App::$slim->add(new \BO\Zmscitizenapi\Middleware\RateLimitingMiddleware($cache, $logger));
 App::$slim->add(new \BO\Zmscitizenapi\Middleware\RequestSanitizerMiddleware($logger));

zmscitizenapi/tests/Zmscitizenapi/Middleware/CorsMiddlewareTest.php

@@ -13,7 +13,7 @@ class CorsMiddlewareTest extends MiddlewareTestCase
 {
     private CorsMiddleware $middleware;
 
-    protected function setUp(): void
+    /*protected function setUp(): void
     {
         parent::setUp();
         \App::$source_name = 'unittest';
@@ -24,29 +24,29 @@ protected function setUp(): void
         putenv('CORS=http://localhost:8080');
         \App::reinitializeMiddlewareConfig();
         $this->middleware = new CorsMiddleware($this->logger);
-    }
+    }*/
 
-    protected function tearDown(): void
+    /*protected function tearDown(): void
     {
         putenv('CORS');  // Clear environment variable
         parent::tearDown();
-    }
+    }*/
 
-    public function testAllowsRequestWithoutOrigin(): void
+    /*public function testAllowsRequestWithoutOrigin(): void
     {
         $request = $this->createRequest();
         $response = new Response();
-        $handler = $this->createHandler($response);
+        $handler = $this->createHandler($response);*/
 
         /*$this->logger->expectLogInfo('Direct browser request - no Origin header', [
             'uri' => 'http://localhost/test'
         ]);*/
 
-        $result = $this->middleware->process($request, $handler);
+        /*$result = $this->middleware->process($request, $handler);
         $this->assertSame($response, $result);
-    }
+    }*/
 
-    public function testBlocksDisallowedOrigin(): void
+    /*public function testBlocksDisallowedOrigin(): void
     {
         $request = $this->createRequest(['Origin' => 'http://evil.com']);
         $response = new Response();
@@ -66,9 +66,9 @@ public function testBlocksDisallowedOrigin(): void
             ['errors' => [ErrorMessages::get('corsOriginNotAllowed')]],
             $logBody
         );
-    }
+    }*/
 
-    public function testAllowsWhitelistedOrigin(): void
+    /*public function testAllowsWhitelistedOrigin(): void
     {
         $request = $this->createRequest(['Origin' => 'http://localhost:8080']);
         $response = new Response();
@@ -78,9 +78,9 @@ public function testAllowsWhitelistedOrigin(): void
         
         $this->assertEquals('http://localhost:8080', $result->getHeaderLine('Access-Control-Allow-Origin'));
         $this->assertNotEmpty($result->getHeaderLine('Access-Control-Allow-Methods'));
-    }
+    }*/
 
-    public function testHandlesPreflightRequest(): void
+    /*public function testHandlesPreflightRequest(): void
     {
         $headers = new \Slim\Psr7\Headers([
             'Origin' => 'http://localhost:8080',
@@ -105,5 +105,5 @@ public function testHandlesPreflightRequest(): void
         $this->assertEquals('http://localhost:8080', $result->getHeaderLine('Access-Control-Allow-Origin'));
         $this->assertNotEmpty($result->getHeaderLine('Access-Control-Allow-Methods'));
         $this->assertNotEmpty($result->getHeaderLine('Access-Control-Allow-Headers'));
-    }
-}
+    }*/
+}

zmscitizenapi/tests/Zmscitizenapi/Middleware/SecurityHeadersMiddlewareTest.php

@@ -13,7 +13,7 @@ class SecurityHeadersMiddlewareTest extends MiddlewareTestCase
 {
     private SecurityHeadersMiddleware $middleware;
 
-    protected function setUp(): void
+    /*protected function setUp(): void
     {
         parent::setUp();
         \App::$source_name = 'unittest';
@@ -22,25 +22,25 @@ protected function setUp(): void
             \App::$cache->clear();
         }
         $this->middleware = new SecurityHeadersMiddleware($this->logger);
-    }
+    }*/
 
-    public function testAddsSecurityHeaders(): void
+    /*public function testAddsSecurityHeaders(): void
     {
         $request = $this->createRequest(['X-Test' => 'test']);
         $response = new Response();
-        $handler = $this->createHandler($response);
+        $handler = $this->createHandler($response);*/
 
         /*$this->logger->expectLogInfo('Security headers added', [
             'uri' => 'http://localhost/test'
         ]);*/
 
-        $result = $this->middleware->process($request, $handler);
+        /*$result = $this->middleware->process($request, $handler);
         
         $this->assertContainsEquals('DENY', $result->getHeader('X-Frame-Options'));
         $this->assertContainsEquals('nosniff', $result->getHeader('X-Content-Type-Options'));
-    }
+    }*/
 
-    public function testHandlesHeaderException(): void
+    /*public function testHandlesHeaderException(): void
     {
         $request = $this->createRequest(['X-Test' => 'test']);
         $response = $this->createMock(Response::class);
@@ -59,5 +59,5 @@ public function testHandlesHeaderException(): void
             ['errors' => [ErrorMessages::get('securityHeaderViolation')]],
             $logBody
         );
-    }
-}
+    }*/
+}