tests/org/cacert/gigi/TestSecurityHeaders.java

   1 package org.cacert.gigi;
   2
   3 import static org.junit.Assert.*;
   4
   5 import java.io.IOException;
   6 import java.net.HttpURLConnection;
   7 import java.net.URL;
   8
   9 import org.cacert.gigi.testUtils.ManagedTest;
  10 import org.junit.Test;
  11
  12 public class TestSecurityHeaders extends ManagedTest {
  13
  14     @Test
  15     public void testSTS() throws IOException {
  16         HttpURLConnection uc = (HttpURLConnection) new URL("https://" + getServerName()).openConnection();
  17         assertNotNull(uc.getHeaderField("Strict-Transport-Security"));
  18     }
  19
  20     public void testCSP() throws IOException {
  21         HttpURLConnection uc = (HttpURLConnection) new URL("https://" + getServerName()).openConnection();
  22         assertNotNull(uc.getHeaderField("Content-Security-Policy"));
  23     }
  24
  25     public void testAllowOrigin() throws IOException {
  26         HttpURLConnection uc = (HttpURLConnection) new URL("https://" + getServerName()).openConnection();
  27         assertNotNull(uc.getHeaderField("Access-Control-Allow-Origin"));
  28
  29     }
  30 }