kangmin/api-btekno
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Tambah script test_cors.php untuk debug CORS middleware

Browse Source
This commit is contained in:
mwpn
2025-12-17 14:07:45 +07:00
parent bae1da324b
commit e59bf9d981
2 changed files with 133 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
DEPLOY_CORS.md
View File

@@ -33,14 +33,29 @@ CORS_ALLOWED_ORIGINS=https://app.example.com,https://dashboard.example.com
``` ```
```bash ```bash
# 5. Restart PHP-FPM (via aaPanel atau command) # 5. Restart PHP-FPM (PENTING! Harus di-restart setelah perubahan code)
# Via aaPanel: Website -> PHP -> Service Management -> Reload # Via aaPanel: Website -> PHP -> Service Management -> Reload
# Atau: # Atau via command (sesuaikan dengan PHP version):
systemctl reload php-fpm-83 # Sesuaikan dengan PHP version systemctl reload php-fpm-83 # Untuk PHP 8.3
# systemctl reload php-fpm-82 # Untuk PHP 8.2
# 6. (Opsional) Clear PHP Opcache jika masih ada masalah
# Via aaPanel: Website -> PHP -> Opcache -> Clear Cache
# Atau via command:
php -r "opcache_reset();"
``` ```
## ✅ Verifikasi CORS Aktif ## ✅ Verifikasi CORS Aktif
### Test 0: Test CORS Middleware Secara Langsung (Recommended)
```bash
# Jalankan script test di server
php bin/test_cors.php
```
Script ini akan test CORS middleware secara langsung dan menunjukkan apakah headers sudah muncul.
### Test 1: Cek Response Headers ### Test 1: Cek Response Headers
```bash ```bash

115
bin/test_cors.php Normal file
View File

@@ -0,0 +1,115 @@
<?php
declare(strict_types=1);
/**
* Script untuk test CORS middleware secara langsung
* Usage: php bin/test_cors.php
*/
require __DIR__ . '/../vendor/autoload.php';
use App\Config\AppConfig;
use App\Middleware\CorsMiddleware;
use Slim\Psr7\Factory\ServerRequestFactory;
use Slim\Psr7\Factory\ResponseFactory;
// Load environment
AppConfig::loadEnv(__DIR__ . '/..');
echo "=== CORS Middleware Test ===\n\n";
// Create test request with origin header
$requestFactory = new ServerRequestFactory();
$responseFactory = new ResponseFactory();
// Test 1: Origin yang ada di .env
echo "Test 1: Origin 'http://localhost/retribusi' (ada di .env):\n";
$request1 = $requestFactory->createServerRequest('GET', '/health')
->withHeader('Origin', 'http://localhost/retribusi');
$response1 = $responseFactory->createResponse(200);
$response1->getBody()->write(json_encode(['status' => 'ok']));
$middleware = new CorsMiddleware();
$handler = new class($response1) implements \Psr\Http\Server\RequestHandlerInterface {
private $response;
public function __construct($response) {
$this->response = $response;
}
public function handle(\Psr\Http\Message\ServerRequestInterface $request): \Psr\Http\Message\ResponseInterface {
return $this->response;
}
};
$result1 = $middleware->process($request1, $handler);
echo " Response headers:\n";
foreach ($result1->getHeaders() as $name => $values) {
if (str_starts_with(strtolower($name), 'access-control-')) {
echo " - $name: " . implode(', ', $values) . "\n";
}
}
// Test 2: Origin yang tidak ada di .env
echo "\nTest 2: Origin 'http://example.com' (tidak ada di .env):\n";
$request2 = $requestFactory->createServerRequest('GET', '/health')
->withHeader('Origin', 'http://example.com');
$response2 = $responseFactory->createResponse(200);
$handler2 = new class($response2) implements \Psr\Http\Server\RequestHandlerInterface {
private $response;
public function __construct($response) {
$this->response = $response;
}
public function handle(\Psr\Http\Message\ServerRequestInterface $request): \Psr\Http\Message\ResponseInterface {
return $this->response;
}
};
$result2 = $middleware->process($request2, $handler2);
echo " Response headers:\n";
$hasCorsHeaders = false;
foreach ($result2->getHeaders() as $name => $values) {
if (str_starts_with(strtolower($name), 'access-control-')) {
$hasCorsHeaders = true;
echo " - $name: " . implode(', ', $values) . "\n";
}
}
if (!$hasCorsHeaders) {
echo " ⚠️ No CORS headers found (expected if origin not allowed)\n";
}
// Test 3: OPTIONS request (preflight)
echo "\nTest 3: OPTIONS request (preflight):\n";
$request3 = $requestFactory->createServerRequest('OPTIONS', '/health')
->withHeader('Origin', 'http://localhost/retribusi');
$response3 = $responseFactory->createResponse(200);
$handler3 = new class($response3) implements \Psr\Http\Server\RequestHandlerInterface {
private $response;
public function __construct($response) {
$this->response = $response;
}
public function handle(\Psr\Http\Message\ServerRequestInterface $request): \Psr\Http\Message\ResponseInterface {
return $this->response;
}
};
$result3 = $middleware->process($request3, $handler3);
echo " Status code: " . $result3->getStatusCode() . "\n";
echo " Response headers:\n";
foreach ($result3->getHeaders() as $name => $values) {
if (str_starts_with(strtolower($name), 'access-control-')) {
echo " - $name: " . implode(', ', $values) . "\n";
}
}
echo "\n=== Test Complete ===\n";
echo "\nJika Test 1 tidak ada CORS headers, kemungkinan:\n";
echo "1. PHP-FPM belum di-restart setelah perubahan code\n";
echo "2. Opcache masih cache code lama (clear opcache)\n";
echo "3. Check error log: tail -f /www/wwwlogs/api.btekno.cloud.error.log\n";