HttpHeaderSecurityIT (Camunda Platform Javadocs 7.21.5-ee)

java.lang.Object

org.camunda.bpm.AbstractWebIntegrationTest

org.camunda.bpm.HttpHeaderSecurityIT

public class HttpHeaderSecurityIT extends AbstractWebIntegrationTest

Field Summary

Fields

Modifier and Type

Field

Description

static final String

CSP_VALUE

Fields inherited from class org.camunda.bpm.AbstractWebIntegrationTest
appBasePath, appUrl, client, COOKIE_HEADER, csrfToken, HOST_NAME, httpPort, JSESSIONID_IDENTIFIER, service, sessionId, TASKLIST_PATH, testProperties, testUtil, X_XSRF_TOKEN_HEADER, XSRF_TOKEN_IDENTIFIER
Constructor Summary

Constructors

Constructor

Description

HttpHeaderSecurityIT()
Method Summary

Modifier and Type

Method

Description

protected void

assertHeaderPresent(String expectedName, String expectedValue, com.sun.jersey.api.client.ClientResponse response)

void

createClient()

void

shouldCheckAbsenceOfHsts()

void

shouldCheckPresenceOfContentSecurityPolicyHeader()

void

shouldCheckPresenceOfContentTypeOptions()

void

shouldCheckPresenceOfXssProtectionHeader()

Methods inherited from class org.camunda.bpm.AbstractWebIntegrationTest
before, createClient, createCookieHeader, createCookieHeader, destroyClient, getCookie, getCookieHeaders, getCookieValue, getCookieValue, getRestCtxPath, getTokens, getWebappCtxPath, getXsrfCookieValue, getXsrfTokenHeader, preventRaceConditions

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details
- CSP_VALUE
  
  public static final String CSP_VALUE
  See Also:
  
  Constant Field Values
Constructor Details
- HttpHeaderSecurityIT
  
  public HttpHeaderSecurityIT()
Method Details
- createClient
  
  public void createClient() throws Exception
  
  Throws:
  
  Exception
- shouldCheckPresenceOfXssProtectionHeader
  
  public void shouldCheckPresenceOfXssProtectionHeader()
- shouldCheckPresenceOfContentSecurityPolicyHeader
  
  public void shouldCheckPresenceOfContentSecurityPolicyHeader()
- shouldCheckPresenceOfContentTypeOptions
  
  public void shouldCheckPresenceOfContentTypeOptions()
- shouldCheckAbsenceOfHsts
  
  public void shouldCheckAbsenceOfHsts()
- assertHeaderPresent
  
  protected void assertHeaderPresent(String expectedName, String expectedValue, com.sun.jersey.api.client.ClientResponse response)