Contains the Concourse pipeline definition for building a line-server container
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

52 lines
1.3 KiB

9 years ago
9 years ago
9 years ago
9 years ago
  1. package main
  2. import (
  3. "net/http"
  4. "net/http/httptest"
  5. "os"
  6. "path"
  7. "testing"
  8. "github.com/zenazn/goji"
  9. )
  10. var testCSPHeaders = map[string]string{
  11. "Content-Security-Policy": "default-src 'none'; style-src 'self';",
  12. "Referrer-Policy": "strict-origin-when-cross-origin",
  13. "X-Frame-Options": "SAMEORIGIN",
  14. }
  15. func TestContentSecurityPolicy(t *testing.T) {
  16. Config.siteURL = "http://linx.example.org/"
  17. Config.filesDir = path.Join(os.TempDir(), generateBarename())
  18. Config.metaDir = Config.filesDir + "_meta"
  19. Config.maxSize = 1024 * 1024 * 1024
  20. Config.noLogs = true
  21. Config.siteName = "linx"
  22. Config.selifPath = "selif"
  23. Config.contentSecurityPolicy = testCSPHeaders["Content-Security-Policy"]
  24. Config.referrerPolicy = testCSPHeaders["Referrer-Policy"]
  25. Config.xFrameOptions = testCSPHeaders["X-Frame-Options"]
  26. mux := setup()
  27. w := httptest.NewRecorder()
  28. req, err := http.NewRequest("GET", "/", nil)
  29. if err != nil {
  30. t.Fatal(err)
  31. }
  32. goji.Use(ContentSecurityPolicy(CSPOptions{
  33. policy: testCSPHeaders["Content-Security-Policy"],
  34. referrerPolicy: testCSPHeaders["Referrer-Policy"],
  35. frame: testCSPHeaders["X-Frame-Options"],
  36. }))
  37. mux.ServeHTTP(w, req)
  38. for k, v := range testCSPHeaders {
  39. if w.HeaderMap[k][0] != v {
  40. t.Fatalf("%s header did not match expected value set by middleware", k)
  41. }
  42. }
  43. }