Contains the Concourse pipeline definition for building a line-server container
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

48 lines
1.1 KiB

9 years ago
9 years ago
9 years ago
  1. package main
  2. import (
  3. "net/http"
  4. "net/http/httptest"
  5. "os"
  6. "path"
  7. "testing"
  8. "github.com/zenazn/goji"
  9. )
  10. var testCSPHeaders = map[string]string{
  11. "Content-Security-Policy": "default-src 'none'; style-src 'self';",
  12. "X-Frame-Options": "SAMEORIGIN",
  13. }
  14. func TestContentSecurityPolicy(t *testing.T) {
  15. Config.siteURL = "http://linx.example.org/"
  16. Config.filesDir = path.Join(os.TempDir(), generateBarename())
  17. Config.metaDir = Config.filesDir + "_meta"
  18. Config.maxSize = 1024 * 1024 * 1024
  19. Config.noLogs = true
  20. Config.siteName = "linx"
  21. Config.contentSecurityPolicy = "default-src 'none'; style-src 'self';"
  22. Config.xFrameOptions = "SAMEORIGIN"
  23. setup()
  24. w := httptest.NewRecorder()
  25. req, err := http.NewRequest("GET", "/", nil)
  26. if err != nil {
  27. t.Fatal(err)
  28. }
  29. goji.Use(ContentSecurityPolicy(CSPOptions{
  30. policy: testCSPHeaders["Content-Security-Policy"],
  31. frame: testCSPHeaders["X-Frame-Options"],
  32. }))
  33. goji.DefaultMux.ServeHTTP(w, req)
  34. for k, v := range testCSPHeaders {
  35. if w.HeaderMap[k][0] != v {
  36. t.Fatalf("%s header did not match expected value set by middleware", k)
  37. }
  38. }
  39. }