X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Fplugs%2Fhttp_security_plug_test.exs;h=d88d4624f201206f2e30e964e7ec34411dcb3e45;hb=9464d505628d9f9dc20e54055d8853bea1d6722b;hp=7f85f4a11352776c9f4555309c54241957eee4c7;hpb=ac0c00cdee239e6bc37c0df2bfdb9f0ec1d24606;p=akkoma

diff --git a/test/pleroma/web/plugs/http_security_plug_test.exs b/test/pleroma/web/plugs/http_security_plug_test.exs
index 7f85f4a11..d88d4624f 100644
--- a/test/pleroma/web/plugs/http_security_plug_test.exs
+++ b/test/pleroma/web/plugs/http_security_plug_test.exs
@@ -17,7 +17,6 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
       refute Conn.get_resp_header(conn, "x-permitted-cross-domain-policies") == []
       refute Conn.get_resp_header(conn, "x-frame-options") == []
       refute Conn.get_resp_header(conn, "x-content-type-options") == []
-      refute Conn.get_resp_header(conn, "x-download-options") == []
       refute Conn.get_resp_header(conn, "referrer-policy") == []
       refute Conn.get_resp_header(conn, "content-security-policy") == []
     end
@@ -28,7 +27,6 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
       conn = get(conn, "/api/v1/instance")
 
       refute Conn.get_resp_header(conn, "strict-transport-security") == []
-      refute Conn.get_resp_header(conn, "expect-ct") == []
     end
 
     test "it does not send STS headers when disabled", %{conn: conn} do
@@ -37,7 +35,6 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
       conn = get(conn, "/api/v1/instance")
 
       assert Conn.get_resp_header(conn, "strict-transport-security") == []
-      assert Conn.get_resp_header(conn, "expect-ct") == []
     end
 
     test "referrer-policy header reflects configured value", %{conn: conn} do
@@ -143,7 +140,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
   defp assert_connect_src(conn, url) do
     conn = get(conn, "/api/v1/instance")
     [csp] = Conn.get_resp_header(conn, "content-security-policy")
-    assert csp =~ ~r/connect-src 'self' blob: [^;]+ #{url}/
+    assert csp =~ ~r/connect-src 'self' [^;]+ #{url}/
   end
 
   test "it does not send CSP headers when disabled", %{conn: conn} do
@@ -155,7 +152,6 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
     assert Conn.get_resp_header(conn, "x-permitted-cross-domain-policies") == []
     assert Conn.get_resp_header(conn, "x-frame-options") == []
     assert Conn.get_resp_header(conn, "x-content-type-options") == []
-    assert Conn.get_resp_header(conn, "x-download-options") == []
     assert Conn.get_resp_header(conn, "referrer-policy") == []
     assert Conn.get_resp_header(conn, "content-security-policy") == []
   end