X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=tests%2Fclub%2Fwpia%2Fgigi%2FTestSecurityHeaders.java;fp=tests%2Fclub%2Fwpia%2Fgigi%2FTestSecurityHeaders.java;h=d99b1703c8198e88dbecbe85f9ef713eb6be67d3;hb=bccd4cc0dba0f89aa045b113bac46eb8cc1dab4e;hp=0000000000000000000000000000000000000000;hpb=c9ed09f0007fc2c813815be927a5a24b23dab83c;p=gigi.git

diff --git a/tests/club/wpia/gigi/TestSecurityHeaders.java b/tests/club/wpia/gigi/TestSecurityHeaders.java
new file mode 100644
index 00000000..d99b1703
--- /dev/null
+++ b/tests/club/wpia/gigi/TestSecurityHeaders.java
@@ -0,0 +1,30 @@
+package club.wpia.gigi;
+
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.net.HttpURLConnection;
+
+import org.junit.Test;
+
+import club.wpia.gigi.testUtils.ManagedTest;
+
+public class TestSecurityHeaders extends ManagedTest {
+
+    @Test
+    public void testSTS() throws IOException {
+        HttpURLConnection uc = get(null, "/");
+        assertNotNull(uc.getHeaderField("Strict-Transport-Security"));
+    }
+
+    public void testCSP() throws IOException {
+        HttpURLConnection uc = get(null, "/");
+        assertNotNull(uc.getHeaderField("Content-Security-Policy"));
+    }
+
+    public void testAllowOrigin() throws IOException {
+        HttpURLConnection uc = get(null, "/");
+        assertNotNull(uc.getHeaderField("Access-Control-Allow-Origin"));
+
+    }
+}