PR feedback

Author: JamesNK

src/Middleware/CORS/src/CorsPolicyMetadata.cs

@@ -5,20 +5,19 @@
 
 namespace Microsoft.AspNetCore.Cors
 {
+    /// <summary>
+    /// Metadata that provides a CORS policy.
+    /// </summary>
     public class CorsPolicyMetadata : ICorsPolicyMetadata
     {
         public CorsPolicyMetadata(CorsPolicy policy)
         {
             Policy = policy;
         }
 
-        public CorsPolicyMetadata(string policyName)
-        {
-            PolicyName = policyName;
-        }
-
+        /// <summary>
+        /// The policy which needs to be applied.
+        /// </summary>
         public CorsPolicy Policy { get; }
-
-        public string PolicyName { get; }
     }
 }

src/Middleware/CORS/src/Infrastructure/CorsEndpointConventionBuilderExtensions.cs

@@ -28,7 +28,7 @@ public static IEndpointConventionBuilder WithCorsPolicy(this IEndpointConvention
 
             builder.Apply(endpointBuilder =>
             {
-                endpointBuilder.Metadata.Add(new CorsPolicyMetadata(policyName));
+                endpointBuilder.Metadata.Add(new EnableCorsAttribute(policyName));
             });
             return builder;
         }

src/Middleware/CORS/src/Infrastructure/CorsMiddleware.cs

@@ -131,10 +131,10 @@ private async Task InvokeCore(HttpContext context, ICorsPolicyProvider corsPolic
             // CORS policy resolution rules:
             //
             // 1. If there is an endpoint with IDisableCorsAttribute then CORS is not run
-            // 2. If there is an endpoint with ICorsPolicyMetadata then use its policy and name
-            // 3. If there is an endpoint with IEnableCorsAttribute that has a policy name then
+            // 2. If there is an endpoint with ICorsPolicyMetadata then use its policy or if
+            //    there is an endpoint with IEnableCorsAttribute that has a policy name then
             //    fetch policy by name, prioritizing it above policy on middleware
-            // 4. If there is no policy on middleware then use name on middleware
+            // 3. If there is no policy on middleware then use name on middleware
 
             // Flag to indicate to other systems, e.g. MVC, that CORS middleware was run for this request
             context.Items[CorsMiddlewareInvokedKey] = true;
@@ -154,7 +154,7 @@ private async Task InvokeCore(HttpContext context, ICorsPolicyProvider corsPolic
             var policyName = _corsPolicyName;
             if (corsMetadata is ICorsPolicyMetadata corsPolicyMetadata)
             {
-                policyName = corsPolicyMetadata.PolicyName;
+                policyName = null;
                 corsPolicy = corsPolicyMetadata.Policy;
             }
             else if (corsMetadata is IEnableCorsAttribute enableCorsAttribute &&

src/Middleware/CORS/src/Infrastructure/ICorsPolicyMetadata.cs

@@ -12,10 +12,5 @@ public interface ICorsPolicyMetadata : ICorsMetadata
         /// The policy which needs to be applied.
         /// </summary>
         CorsPolicy Policy { get; }
-
-        /// <summary>
-        /// The name of the policy which needs to be applied.
-        /// </summary>
-        string PolicyName { get; }
     }
 }

src/Middleware/CORS/test/UnitTests/CorsEndpointConventionBuilderExtensionsTests.cs

@@ -28,7 +28,7 @@ public void WithCorsPolicy_Name_MetadataAdded()
             addCorsPolicy(endpointModel);
             var endpoint = endpointModel.Build();
 
-            var metadata = endpoint.Metadata.GetMetadata<ICorsPolicyMetadata>();
+            var metadata = endpoint.Metadata.GetMetadata<IEnableCorsAttribute>();
             Assert.NotNull(metadata);
             Assert.Equal("TestPolicyName", metadata.PolicyName);
         }