Commit 55d33b04 authored by Sutton's avatar Sutton
Browse files

Updating CORS Test

parent 30d3d0fb
...@@ -87,17 +87,17 @@ public abstract class BaseTestTemplate extends TestBase { ...@@ -87,17 +87,17 @@ public abstract class BaseTestTemplate extends TestBase {
ClientResponse response = descriptor.run(getArg(), testUtils.getOpsToken()); ClientResponse response = descriptor.run(getArg(), testUtils.getOpsToken());
assertEquals(error(response.getStatus() == 204 ? "" : response.getEntity(String.class)), expectedOkResponseCode(), response.getStatus()); assertEquals(error(response.getStatus() == 204 ? "" : response.getEntity(String.class)), expectedOkResponseCode(), response.getStatus());
assertEquals("[GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH]", response.getHeaders().getFirst("Access-Control-Allow-Methods")); assertEquals("GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH", response.getHeaders().getFirst("Access-Control-Allow-Methods"));
assertEquals("[origin, content-type, accept, authorization, data-partition-id, correlation-id, appkey]", response.getHeaders().getFirst("Access-Control-Allow-Headers")); assertEquals("origin, content-type, accept, authorization, data-partition-id, correlation-id, appkey", response.getHeaders().getFirst("Access-Control-Allow-Headers"));
assertEquals("[*]", response.getHeaders().getFirst("Access-Control-Allow-Origin")); assertEquals("*", response.getHeaders().getFirst("Access-Control-Allow-Origin"));
assertEquals("[true]", response.getHeaders().getFirst("Access-Control-Allow-Credentials")); assertEquals("true", response.getHeaders().getFirst("Access-Control-Allow-Credentials"));
assertEquals("DENY", response.getHeaders().getFirst("X-Frame-Options")); assertEquals("DENY", response.getHeaders().getFirst("X-Frame-Options"));
assertEquals("1; mode=block", response.getHeaders().getFirst("X-XSS-Protection")); assertEquals("1; mode=block", response.getHeaders().getFirst("X-XSS-Protection"));
assertEquals("nosniff", response.getHeaders().getFirst("X-Content-Type-Options")); assertEquals("nosniff", response.getHeaders().getFirst("X-Content-Type-Options"));
assertEquals("[no-cache, no-store, must-revalidate]", response.getHeaders().getFirst("Cache-Control")); assertEquals("no-cache, no-store, must-revalidate", response.getHeaders().getFirst("Cache-Control"));
assertEquals("[default-src 'self']", response.getHeaders().getFirst("Content-Security-Policy")); assertEquals("default-src 'self'", response.getHeaders().getFirst("Content-Security-Policy"));
assertEquals("[max-age=31536000; includeSubDomains]", response.getHeaders().getFirst("Strict-Transport-Security")); assertEquals("max-age=31536000; includeSubDomains", response.getHeaders().getFirst("Strict-Transport-Security"));
assertEquals("[0]", response.getHeaders().getFirst("Expires")); assertEquals("0", response.getHeaders().getFirst("Expires"));
} finally { } finally {
deleteResource(); deleteResource();
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment