Search in sources :

Example 1 with XFrameOptionsHeaderWriter

use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.

the class FrameOptionsHeaderWriterTests method writeHeadersSameOrigin.

@Test
public void writeHeadersSameOrigin() {
    writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("SAMEORIGIN");
}
Also used : XFrameOptionsHeaderWriter(org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter) Test(org.junit.Test)

Example 2 with XFrameOptionsHeaderWriter

use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.

the class FrameOptionsHeaderWriterTests method writeHeadersAllowFromReturnsNull.

@Test
public void writeHeadersAllowFromReturnsNull() {
    writer = new XFrameOptionsHeaderWriter(strategy);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().isEmpty()).isTrue();
}
Also used : XFrameOptionsHeaderWriter(org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter) Test(org.junit.Test)

Example 3 with XFrameOptionsHeaderWriter

use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.

the class FrameOptionsHeaderWriterTests method writeHeadersDeny.

@Test
public void writeHeadersDeny() {
    writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("DENY");
}
Also used : XFrameOptionsHeaderWriter(org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter) Test(org.junit.Test)

Example 4 with XFrameOptionsHeaderWriter

use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.

the class FrameOptionsHeaderWriterTests method writeHeadersTwiceLastWins.

@Test
public void writeHeadersTwiceLastWins() {
    writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN);
    writer.writeHeaders(request, response);
    writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("DENY");
}
Also used : XFrameOptionsHeaderWriter(org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter) Test(org.junit.Test)

Example 5 with XFrameOptionsHeaderWriter

use of org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter in project spring-security by spring-projects.

the class FrameOptionsHeaderWriterTests method writeHeadersAllowFrom.

@Test
public void writeHeadersAllowFrom() {
    String allowFromValue = "https://example.com/";
    when(strategy.getAllowFromValue(request)).thenReturn(allowFromValue);
    writer = new XFrameOptionsHeaderWriter(strategy);
    writer.writeHeaders(request, response);
    assertThat(response.getHeaderNames().size()).isEqualTo(1);
    assertThat(response.getHeader(XFrameOptionsHeaderWriter.XFRAME_OPTIONS_HEADER)).isEqualTo("ALLOW-FROM " + allowFromValue);
}
Also used : XFrameOptionsHeaderWriter(org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)5 XFrameOptionsHeaderWriter (org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter)5