X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=test%2Fpleroma%2Fweb%2Fplugs%2Fhttp_security_plug_test.exs;h=eb94cd665ae8964197bd330eeb1a966d36affa4b;hb=4d0a51221a392b8effe7f2e7dec9f95e5a694802;hp=2297e3dac3d1106a83aa02844b14adf2b5193e73;hpb=7d8f610720abdadeff9238aa8a345a91e473e0fa;p=akkoma
diff --git a/test/pleroma/web/plugs/http_security_plug_test.exs b/test/pleroma/web/plugs/http_security_plug_test.exs
index 2297e3dac..eb94cd665 100644
--- a/test/pleroma/web/plugs/http_security_plug_test.exs
+++ b/test/pleroma/web/plugs/http_security_plug_test.exs
@@ -1,11 +1,10 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2020 Pleroma Authors
+# Copyright © 2017-2021 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
use Pleroma.Web.ConnCase
- alias Pleroma.Config
alias Plug.Conn
describe "http security enabled" do
@@ -60,9 +59,9 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
assert csp =~ ~r|report-uri https://endpoint.com;report-to csp-endpoint;|
- [reply_to] = Conn.get_resp_header(conn, "reply-to")
+ [report_to] = Conn.get_resp_header(conn, "report-to")
- assert reply_to ==
+ assert report_to ==
"{\"endpoints\":[{\"url\":\"https://endpoint.com\"}],\"group\":\"csp-endpoint\",\"max-age\":10886400}"
end
@@ -73,6 +72,21 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do
assert csp =~ "media-src 'self' https:;"
assert csp =~ "img-src 'self' data: blob: https:;"
end
+
+ test "it sets the Service-Worker-Allowed header", %{conn: conn} do
+ clear_config([:http_security, :enabled], true)
+ clear_config([:frontends, :primary], %{"name" => "fedi-fe", "ref" => "develop"})
+
+ clear_config([:frontends, :available], %{
+ "fedi-fe" => %{
+ "name" => "fedi-fe",
+ "custom-http-headers" => [{"service-worker-allowed", "/"}]
+ }
+ })
+
+ conn = get(conn, "/api/v1/instance")
+ assert Conn.get_resp_header(conn, "service-worker-allowed") == ["/"]
+ end
end
describe "img-src and media-src" do