|
41 | 41 | (let [handler (wrap-frame-options (constantly nil) :deny)] |
42 | 42 | (is (nil? (handler (request :get "/")))))))) |
43 | 43 |
|
| 44 | +(deftest test-frame-options-response |
| 45 | + (testing "deny" |
| 46 | + (is (= (frame-options-response (response "hello") :deny) |
| 47 | + {:status 200, :headers {"X-Frame-Options" "DENY"}, :body "hello"}))) |
| 48 | + |
| 49 | + (testing "nil response" |
| 50 | + (is (nil? (frame-options-response nil :deny))))) |
| 51 | + |
44 | 52 | (deftest test-wrap-frame-options-cps |
45 | 53 | (testing "deny" |
46 | 54 | (let [handler (-> (fn [_ respond _] (respond (response "hello"))) |
|
77 | 85 | (let [handler (wrap-content-type-options (constantly nil) :nosniff)] |
78 | 86 | (is (nil? (handler (request :get "/")))))))) |
79 | 87 |
|
| 88 | +(deftest test-content-type-options-response |
| 89 | + (testing "nosniff" |
| 90 | + (is (= (content-type-options-response |
| 91 | + (-> (response "hello") (content-type "text/plain")) |
| 92 | + :nosniff) |
| 93 | + {:status 200 |
| 94 | + :headers {"X-Content-Type-Options" "nosniff" |
| 95 | + "Content-Type" "text/plain"} |
| 96 | + :body "hello"}))) |
| 97 | + |
| 98 | + (testing "nil response" |
| 99 | + (is (nil? (content-type-options-response nil :nosniff))))) |
| 100 | + |
80 | 101 | (deftest test-wrap-content-type-options-cps |
81 | 102 | (testing "nosniff" |
82 | 103 | (let [handler (-> (fn [_ respond _] |
|
131 | 152 | (let [handler (wrap-xss-protection (constantly nil) true)] |
132 | 153 | (is (nil? (handler (request :get "/")))))))) |
133 | 154 |
|
| 155 | +(deftest test-xss-protection-response |
| 156 | + (testing "enable" |
| 157 | + (is (= (xss-protection-response (response "hello") :deny) |
| 158 | + {:status 200, :headers {"X-XSS-Protection" "1"}, :body "hello"}))) |
| 159 | + |
| 160 | + (testing "nil response" |
| 161 | + (is (nil? (frame-options-response nil :deny))))) |
| 162 | + |
134 | 163 | (deftest test-wrap-xss-protection-cps |
135 | 164 | (testing "nosniff" |
136 | 165 | (let [handler (-> (fn [_ respond _] (respond (response "hello"))) |
|
0 commit comments