diff options
author | Tor Brede Vekterli <vekterli@verizonmedia.com> | 2019-08-19 12:49:58 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-19 12:49:58 +0200 |
commit | 41ef9280799fc63cf1d7db934c7b3ea771099d7b (patch) | |
tree | 01197f8e52f90755d2ee371b693e7dfcddedb832 /storage | |
parent | cf9c4139ea1167ff1a4656772f5e689356a70568 (diff) | |
parent | d0e2b5082708cdf5044509dc242cfadc6ee68461 (diff) |
Merge pull request #10261 from vespa-engine/vekterli/set-status-page-basic-http-security-headers
Set basic HTTP security headers on status pages served from backend
Diffstat (limited to 'storage')
-rw-r--r-- | storage/src/tests/frameworkimpl/status/statustest.cpp | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/storage/src/tests/frameworkimpl/status/statustest.cpp b/storage/src/tests/frameworkimpl/status/statustest.cpp index e7d0d496cc8..81d91e2f08a 100644 --- a/storage/src/tests/frameworkimpl/status/statustest.cpp +++ b/storage/src/tests/frameworkimpl/status/statustest.cpp @@ -115,6 +115,12 @@ TEST_F(StatusTest, index_status_page) { "Connection: close\r\n" "Content-Type: text\\/html\r\n" "Content-Length: [0-9]+\r\n" + "X-XSS-Protection: 1; mode=block\r\n" + "X-Frame-Options: DENY\r\n" + "Content-Security-Policy: default-src 'none'\r\n" + "X-Content-Type-Options: nosniff\r\n" + "Cache-Control: no-store\r\n" + "Pragma: no-cache\r\n" "\r\n" "<html>\n" "<head>\n" @@ -144,6 +150,12 @@ TEST_F(StatusTest, html_status) { "Connection: close\r\n" "Content-Type: text/html\r\n" "Content-Length: 117\r\n" + "X-XSS-Protection: 1; mode=block\r\n" + "X-Frame-Options: DENY\r\n" + "Content-Security-Policy: default-src 'none'\r\n" + "X-Content-Type-Options: nosniff\r\n" + "Cache-Control: no-store\r\n" + "Pragma: no-cache\r\n" "\r\n" "<html>\n" "<head>\n" @@ -170,6 +182,12 @@ TEST_F(StatusTest, xml_sStatus) { "Connection: close\r\n" "Content-Type: application/xml\r\n" "Content-Length: 100\r\n" + "X-XSS-Protection: 1; mode=block\r\n" + "X-Frame-Options: DENY\r\n" + "Content-Security-Policy: default-src 'none'\r\n" + "X-Content-Type-Options: nosniff\r\n" + "Cache-Control: no-store\r\n" + "Pragma: no-cache\r\n" "\r\n" "<?xml version=\"1.0\"?>\n" "<status id=\"fooid\" name=\"Foo impl\">\n" |