1 package org.cacert.gigi;
3 import java.io.IOException;
4 import java.net.HttpURLConnection;
7 import org.cacert.gigi.testUtils.ManagedTest;
10 import static org.junit.Assert.*;
12 public class TestSecurityHeaders extends ManagedTest {
14 public void testSTS() throws IOException {
15 HttpURLConnection uc = (HttpURLConnection) new URL("https://"
16 + getServerName()).openConnection();
17 assertNotNull(uc.getHeaderField("Strict-Transport-Security"));
20 public void testCSP() throws IOException {
21 HttpURLConnection uc = (HttpURLConnection) new URL("https://"
22 + getServerName()).openConnection();
23 assertNotNull(uc.getHeaderField("Content-Security-Policy"));
25 public void testAllowOrigin() throws IOException {
26 HttpURLConnection uc = (HttpURLConnection) new URL("https://"
27 + getServerName()).openConnection();
28 assertNotNull(uc.getHeaderField("Access-Control-Allow-Origin"));