yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-10-31 09:56:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/test/middlewares/lusca/xssprotection.js

87 lines
1.7 KiB
JavaScript
Raw Normal View History

Initial release
2015-10-01 00:30:16 +02:00
'use strict';
const request = require('supertest');
const assert = require('assert');
const strapi = require('../../..');
const mock = require('./mocks/app');
describe('xssProtection', function () {
it('method', function () {
assert(typeof strapi.middlewares.lusca.xssProtection === 'function');
});
it('xssProtection = 1', function (done) {
const config = {
xssProtection: 1
};
const app = mock(config);
request(app.listen())
.get('/')
.expect('X-XSS-Protection', '1; mode=block')
.expect(200, done);
});
it('header (enabled)', function (done) {
const config = {
xssProtection: true
};
const app = mock(config);
request(app.listen())
.get('/')
.expect('X-XSS-Protection', '1; mode=block')
.expect(200, done);
});
it('header (enabled; custom mode)', function (done) {
const config = {
xssProtection: {
enabled: 1,
mode: 'foo'
}
};
const app = mock(config);
request(app.listen())
.get('/')
.expect('X-XSS-Protection', '1; mode=foo')
.expect(200, done);
});
it('header (enabled is boolean; custom mode)', function (done) {
const config = {
xssProtection: {
enabled: true
}
};
const app = mock(config);
request(app.listen())
.get('/')
.expect('X-XSS-Protection', '1; mode=block')
.expect(200, done);
});
it('header (!enabled)', function (done) {
const config = {
xssProtection: {
enabled: 0
}
};
const app = mock(config);
request(app.listen())
.get('/')
.expect('X-XSS-Protection', '0; mode=block')
.expect(200, done);
});
});
Reference in New Issue Copy Permalink