Search in sources :

Example 1 with HstsHeaderWriter

use of org.springframework.security.web.header.writers.HstsHeaderWriter in project spring-security by spring-projects.

the class HstsHeaderWriterTests method maxAgeAndIncludeSubdomainsCustomConstructorWriteHeaders.

@Test
public void maxAgeAndIncludeSubdomainsCustomConstructorWriteHeaders() {
    request.setSecure(false);
    writer = new HstsHeaderWriter(AnyRequestMatcher.INSTANCE, 15768000, false);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader("Strict-Transport-Security")).isEqualTo("max-age=15768000");
}
Also used : HstsHeaderWriter(org.springframework.security.web.header.writers.HstsHeaderWriter) Test(org.junit.Test)

Example 2 with HstsHeaderWriter

use of org.springframework.security.web.header.writers.HstsHeaderWriter in project spring-security by spring-projects.

the class HstsHeaderWriterTests method setup.

@Before
public void setup() {
    request = new MockHttpServletRequest();
    request.setSecure(true);
    response = new MockHttpServletResponse();
    writer = new HstsHeaderWriter();
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HstsHeaderWriter(org.springframework.security.web.header.writers.HstsHeaderWriter) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Before(org.junit.Before)

Example 3 with HstsHeaderWriter

use of org.springframework.security.web.header.writers.HstsHeaderWriter in project spring-security by spring-projects.

the class HstsHeaderWriterTests method maxAgeCustomConstructorWriteHeaders.

@Test
public void maxAgeCustomConstructorWriteHeaders() {
    writer = new HstsHeaderWriter(15768000);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader("Strict-Transport-Security")).isEqualTo("max-age=15768000 ; includeSubDomains");
}
Also used : HstsHeaderWriter(org.springframework.security.web.header.writers.HstsHeaderWriter) Test(org.junit.Test)

Example 4 with HstsHeaderWriter

use of org.springframework.security.web.header.writers.HstsHeaderWriter in project spring-security by spring-projects.

the class HstsHeaderWriterTests method allArgsCustomConstructorWriteHeaders.

@Test
public void allArgsCustomConstructorWriteHeaders() {
    request.setSecure(false);
    writer = new HstsHeaderWriter(AnyRequestMatcher.INSTANCE, 15768000, false);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader("Strict-Transport-Security")).isEqualTo("max-age=15768000");
}
Also used : HstsHeaderWriter(org.springframework.security.web.header.writers.HstsHeaderWriter) Test(org.junit.Test)

Example 5 with HstsHeaderWriter

use of org.springframework.security.web.header.writers.HstsHeaderWriter in project spring-security by spring-projects.

the class HstsHeaderWriterTests method includeSubDomainsCustomConstructorWriteHeaders.

@Test
public void includeSubDomainsCustomConstructorWriteHeaders() {
    writer = new HstsHeaderWriter(false);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader("Strict-Transport-Security")).isEqualTo("max-age=31536000");
}
Also used : HstsHeaderWriter(org.springframework.security.web.header.writers.HstsHeaderWriter) Test(org.junit.Test)

Aggregations

HstsHeaderWriter (org.springframework.security.web.header.writers.HstsHeaderWriter)6 Test (org.junit.Test)4 Before (org.junit.Before)1 ContentSecurityPolicyMode (org.springframework.boot.autoconfigure.security.SecurityProperties.Headers.ContentSecurityPolicyMode)1 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)1 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)1