use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.
the class FrameOptionsHeaderWriterTests method writeHeadersSameOrigin.
@Test
public void writeHeadersSameOrigin() {
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN);
writer.writeHeaders(request, response);
assertThat(response.getHeaderNames().size()).isEqualTo(1);
assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("SAMEORIGIN");
}
use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.
the class FrameOptionsHeaderWriterTests method writeHeadersAllowFromReturnsNull.
@Test
public void writeHeadersAllowFromReturnsNull() {
writer = new XFrameOptionsHeaderWriter(strategy);
writer.writeHeaders(request, response);
assertThat(response.getHeaderNames().isEmpty()).isTrue();
}
use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.
the class FrameOptionsHeaderWriterTests method writeHeadersDeny.
@Test
public void writeHeadersDeny() {
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
writer.writeHeaders(request, response);
assertThat(response.getHeaderNames().size()).isEqualTo(1);
assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("DENY");
}
use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.
the class FrameOptionsHeaderWriterTests method writeHeadersTwiceLastWins.
@Test
public void writeHeadersTwiceLastWins() {
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN);
writer.writeHeaders(request, response);
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
writer.writeHeaders(request, response);
assertThat(response.getHeaderNames().size()).isEqualTo(1);
assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("DENY");
}
use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.
the class FrameOptionsHeaderWriterTests method writeHeadersAllowFrom.
@Test
public void writeHeadersAllowFrom() {
String allowFromValue = "https://example.com/";
when(strategy.getAllowFromValue(request)).thenReturn(allowFromValue);
writer = new XFrameOptionsHeaderWriter(strategy);
writer.writeHeaders(request, response);
assertThat(response.getHeaderNames().size()).isEqualTo(1);
assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("ALLOW-FROM " + allowFromValue);
}
Aggregations