Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-20 02:52:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-2511: Remove double ALLOW-FROM in X-Frame-Options header

Browse Source
This commit is contained in:
Rob Winch 2014-03-06 21:58:35 -06:00
parent f02b77794f
commit 60704eb50e
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/test/java/org/springframework/security/web/header/writers/frameoptions/AbstractRequestParameterAllowFromStrategyTests.java
View File

@ -73,7 +73,7 @@ public class AbstractRequestParameterAllowFromStrategyTests {
assertThat( assertThat(
strategy strategy
.getAllowFromValue(request)).isEqualTo("ALLOW-FROM "+value); .getAllowFromValue(request)).isEqualTo(value);
} }
@Test @Test

4
web/src/test/java/org/springframework/security/web/header/writers/frameoptions/RegExpAllowFromStrategyTests.java
View File

@ -33,11 +33,11 @@ public class RegExpAllowFromStrategyTests {
request.setParameter("from", "http://abc.test.com"); request.setParameter("from", "http://abc.test.com");
String result1 = strategy.getAllowFromValue(request); String result1 = strategy.getAllowFromValue(request);
assertThat(result1, is("ALLOW-FROM http://abc.test.com")); assertThat(result1, is("http://abc.test.com"));
request.setParameter("from", "http://foo.test.com"); request.setParameter("from", "http://foo.test.com");
String result2 = strategy.getAllowFromValue(request); String result2 = strategy.getAllowFromValue(request);
assertThat(result2, is("ALLOW-FROM http://foo.test.com")); assertThat(result2, is("http://foo.test.com"));
request.setParameter("from", "http://test.foobar.com"); request.setParameter("from", "http://test.foobar.com");
String result3 = strategy.getAllowFromValue(request); String result3 = strategy.getAllowFromValue(request);

4
web/src/test/java/org/springframework/security/web/header/writers/frameoptions/WhiteListedAllowFromStrategyTests.java
View File

@ -38,7 +38,7 @@ public class WhiteListedAllowFromStrategyTests {
request.setParameter("from", "http://www.test.com"); request.setParameter("from", "http://www.test.com");
String result = strategy.getAllowFromValue(request); String result = strategy.getAllowFromValue(request);
assertThat(result, is("ALLOW-FROM http://www.test.com")); assertThat(result, is("http://www.test.com"));
} }
@Test @Test
@ -52,7 +52,7 @@ public class WhiteListedAllowFromStrategyTests {
request.setParameter("from", "http://www.test.com"); request.setParameter("from", "http://www.test.com");
String result = strategy.getAllowFromValue(request); String result = strategy.getAllowFromValue(request);
assertThat(result, is("ALLOW-FROM http://www.test.com")); assertThat(result, is("http://www.test.com"));
} }
@Test @Test