X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fplugs%2Fhttp_security_plug_test.exs;h=63b4d3f31fefe5a0ec8edfd43fbac8ded7ebb73a;hb=59bdef0c337f1892282e245c5a236680af8e0318;hp=7dfd50c1febd9a6a6f5ace616c853725bb16cf39;hpb=557f0e33a7de7ef89c72441ffc3a9c09c56fe9a7;p=akkoma
diff --git a/test/plugs/http_security_plug_test.exs b/test/plugs/http_security_plug_test.exs
index 7dfd50c1f..63b4d3f31 100644
--- a/test/plugs/http_security_plug_test.exs
+++ b/test/plugs/http_security_plug_test.exs
@@ -1,5 +1,5 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2018 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
@@ -7,17 +7,13 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
alias Pleroma.Config
alias Plug.Conn
+ setup do: clear_config([:http_securiy, :enabled])
+ setup do: clear_config([:http_security, :sts])
+ setup do: clear_config([:http_security, :referrer_policy])
+
describe "http security enabled" do
setup do
- enabled = Config.get([:http_securiy, :enabled])
-
Config.put([:http_security, :enabled], true)
-
- on_exit(fn ->
- Config.put([:http_security, :enabled], enabled)
- end)
-
- :ok
end
test "it sends CSP headers when enabled", %{conn: conn} do
@@ -71,7 +67,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
[csp] = Conn.get_resp_header(conn, "content-security-policy")
- assert csp =~ ~r|report-uri https://endpoint.com; report-to csp-endpoint;|
+ assert csp =~ ~r|report-uri https://endpoint.com;report-to csp-endpoint;|
[reply_to] = Conn.get_resp_header(conn, "reply-to")
@@ -81,14 +77,8 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
end
test "it does not send CSP headers when disabled", %{conn: conn} do
- enabled = Config.get([:http_securiy, :enabled])
-
Config.put([:http_security, :enabled], false)
- on_exit(fn ->
- Config.put([:http_security, :enabled], enabled)
- end)
-
conn = get(conn, "/api/v1/instance")
assert Conn.get_resp_header(conn, "x-xss-protection") == []