1 package org.cacert.gigi;
3 import static org.junit.Assert.*;
5 import java.io.IOException;
6 import java.net.HttpURLConnection;
8 import org.cacert.gigi.testUtils.ManagedTest;
11 public class TestSecurityHeaders extends ManagedTest {
14 public void testSTS() throws IOException {
15 HttpURLConnection uc = get(null, "/");
16 assertNotNull(uc.getHeaderField("Strict-Transport-Security"));
19 public void testCSP() throws IOException {
20 HttpURLConnection uc = get(null, "/");
21 assertNotNull(uc.getHeaderField("Content-Security-Policy"));
24 public void testAllowOrigin() throws IOException {
25 HttpURLConnection uc = get(null, "/");
26 assertNotNull(uc.getHeaderField("Access-Control-Allow-Origin"));