tests/org/cacert/gigi/TestSecurityHeaders.java

   1 package org.cacert.gigi;
   2
   3 import java.io.IOException;
   4 import java.net.HttpURLConnection;
   5 import java.net.URL;
   6
   7 import org.cacert.gigi.testUtils.ManagedTest;
   8 import org.junit.Test;
   9
  10 import static org.junit.Assert.*;
  11
  12 public class TestSecurityHeaders extends ManagedTest {
  13         @Test
  14         public void testSTS() throws IOException {
  15                 HttpURLConnection uc = (HttpURLConnection) new URL("https://"
  16                                 + getServerName()).openConnection();
  17                 assertNotNull(uc.getHeaderField("Strict-Transport-Security"));
  18         }
  19
  20         public void testCSP() throws IOException {
  21                 HttpURLConnection uc = (HttpURLConnection) new URL("https://"
  22                                 + getServerName()).openConnection();
  23                 assertNotNull(uc.getHeaderField("Content-Security-Policy"));
  24         }
  25         public void testAllowOrigin() throws IOException {
  26                 HttpURLConnection uc = (HttpURLConnection) new URL("https://"
  27                                 + getServerName()).openConnection();
  28                 assertNotNull(uc.getHeaderField("Access-Control-Allow-Origin"));
  29
  30         }
  31 }