[libsoup/hsts: 87/101] Add test to check that no HSTS header does not remove a policy



commit c28b7966b7848d1e5b2814b3866f16ce28233797
Author: Claudio Saavedra <csaavedra igalia com>
Date:   Wed Aug 29 16:46:15 2018 +0300

    Add test to check that no HSTS header does not remove a policy

 tests/hsts-test.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
---
diff --git a/tests/hsts-test.c b/tests/hsts-test.c
index 3562615f..79a2b6f2 100644
--- a/tests/hsts-test.c
+++ b/tests/hsts-test.c
@@ -57,6 +57,8 @@ server_callback  (SoupServer *server, SoupMessage *msg,
                        soup_message_headers_append (msg->response_headers,
                                                     "Strict-Transport-Security",
                                                     "max-age=31536000; includeSubDomains");
+               } else if (strcmp (path, "/no-sts-header") == 0) {
+                       /* Do not add anything */
                } else if (strcmp (path, "/multiple-headers") == 0) {
                        soup_message_headers_append (msg->response_headers,
                                                     "Strict-Transport-Security",
@@ -244,6 +246,18 @@ do_hsts_set_and_delete_test (void)
        soup_test_session_abort_unref (session);
 }
 
+static void
+do_hsts_no_hsts_header_test (void)
+{
+       SoupSession *session = hsts_session_new (NULL);
+       session_get_uri (session, "https://localhost/long-lasting";, SOUP_STATUS_OK);
+       session_get_uri (session, "http://localhost";, SOUP_STATUS_OK);
+       session_get_uri (session, "https://localhost/no-sts-header";, SOUP_STATUS_OK);
+       session_get_uri (session, "http://localhost";, SOUP_STATUS_OK);
+
+       soup_test_session_abort_unref (session);
+}
+
 static void
 do_hsts_persistency_test (void)
 {
@@ -397,6 +411,7 @@ main (int argc, char **argv)
        g_test_add_func ("/hsts/replace", do_hsts_replace_test);
        g_test_add_func ("/hsts/update", do_hsts_update_test);
        g_test_add_func ("/hsts/set_and_delete", do_hsts_set_and_delete_test);
+       g_test_add_func ("/hsts/no_hsts_header", do_hsts_no_hsts_header_test);
        g_test_add_func ("/hsts/persistency", do_hsts_persistency_test);
        g_test_add_func ("/hsts/subdomains", do_hsts_subdomains_test);
        g_test_add_func ("/hsts/multiple-headers", do_hsts_multiple_headers_test);


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]