tests/org/cacert/gigi/TestSecurityHeaders.java

   1 package org.cacert.gigi;
   2
   3 import java.io.IOException;
   4 import java.net.HttpURLConnection;
   5 import java.net.URL;
   6
   7 import org.cacert.gigi.testUtils.ManagedTest;
   8 import org.junit.Test;
   9
  10 import static org.junit.Assert.*;
  11
  12 public class TestSecurityHeaders extends ManagedTest {
  13         @Test
  14         public void testSTS() throws IOException {
  15                 HttpURLConnection uc = (HttpURLConnection) new URL("https://" + getServerName()).openConnection();
  16                 assertNotNull(uc.getHeaderField("Strict-Transport-Security"));
  17         }
  18
  19         public void testCSP() throws IOException {
  20                 HttpURLConnection uc = (HttpURLConnection) new URL("https://" + getServerName()).openConnection();
  21                 assertNotNull(uc.getHeaderField("Content-Security-Policy"));
  22         }
  23
  24         public void testAllowOrigin() throws IOException {
  25                 HttpURLConnection uc = (HttpURLConnection) new URL("https://" + getServerName()).openConnection();
  26                 assertNotNull(uc.getHeaderField("Access-Control-Allow-Origin"));
  27
  28         }
  29 }