e2e: add cors forbidden origin case (#187)

Signed-off-by: bitliu <bitliu@tencent.com>

test/ingress/conformance/tests/httproute-enable-cors.go

@@ -73,7 +73,7 @@ var HTTPRouteEnableCors = suite.ConformanceTest{
 				},
 			}, {
 				Meta: http.AssertionMeta{
-					TestCaseName:    "case3: enable cors and allow headers",
+					TestCaseName:    "case3: enable cors and allow origin headers",
 					TargetBackend:   "infra-backend-v3",
 					TargetNamespace: "higress-conformance-infra",
 				},
@@ -91,6 +91,26 @@ var HTTPRouteEnableCors = suite.ConformanceTest{
 						Headers:    map[string]string{"Access-Control-Allow-Credentials": "true", "Access-Control-Allow-Origin": "http://bar.com", "Access-Control-Expose-Headers": "*"},
 					},
 				},
+			}, {
+				Meta: http.AssertionMeta{
+					TestCaseName:    "case4: enable cors and use forbidden Origin",
+					TargetBackend:   "infra-backend-v3",
+					TargetNamespace: "higress-conformance-infra",
+				},
+				Request: http.AssertionRequest{
+					ActualRequest: http.Request{
+						Path:    "/foo",
+						Host:    "foo3.com",
+						Method:  "OPTIONS",
+						Headers: map[string]string{"Origin": "http://foo.com"},
+					},
+				},
+				Response: http.AssertionResponse{
+					ExpectedResponse: http.Response{
+						StatusCode:    200,
+						AbsentHeaders: []string{"Access-Control-Allow-Credentials", "Access-Control-Allow-Origin", "Access-Control-Expose-Headers"},
+					},
+				},
 			},
 		}
 

test/ingress/conformance/tests/httproute-enable-cors.yaml

@@ -79,4 +79,4 @@ spec:
           service:
             name: infra-backend-v3
             port:
-              number: 8080
+              number: 8080