RubygemsResearch

Sha256: 32baaa15025067cdfdbe4fb0a96ba5a595f7b3250883b96e76fc05ebcd011ec8

Contents?: true

Size: 1.67 KB

Versions: 33

Compression:

Stored size: 1.67 KB

# frozen_string_literal: true
require "spec_helper"

module SecureHeaders
  describe XXssProtection do
    specify { expect(XXssProtection.make_header).to eq([XXssProtection::HEADER_NAME, XXssProtection::DEFAULT_VALUE]) }
    specify { expect(XXssProtection.make_header("1; mode=block; report=https://www.secure.com/reports")).to eq([XXssProtection::HEADER_NAME, "1; mode=block; report=https://www.secure.com/reports"]) }

    context "with invalid configuration" do
      it "should raise an error when providing a string that is not valid" do
        expect do
          XXssProtection.validate_config!("asdf")
        end.to raise_error(XXssProtectionConfigError)

        expect do
          XXssProtection.validate_config!("asdf; mode=donkey")
        end.to raise_error(XXssProtectionConfigError)
      end

      context "when using a hash value" do
        it "should allow string values ('1' or '0' are the only valid strings)" do
          expect do
            XXssProtection.validate_config!("1")
          end.not_to raise_error
        end

        it "should raise an error if no value key is supplied" do
          expect do
            XXssProtection.validate_config!("mode=block")
          end.to raise_error(XXssProtectionConfigError)
        end

        it "should raise an error if an invalid key is supplied" do
          expect do
            XXssProtection.validate_config!("123")
          end.to raise_error(XXssProtectionConfigError)
        end

        it "should raise an error if mode != block" do
          expect do
            XXssProtection.validate_config!("1; mode=donkey")
          end.to raise_error(XXssProtectionConfigError)
        end
      end
    end
  end
end

Version data entries

33 entries across 33 versions & 1 rubygems

Version	Path
secure_headers-7.0.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.7.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.6.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.5.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.4.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.3.4	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.3.3	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.3.2	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.3.1	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-5.2.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.3.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-5.1.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.2.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.1.2	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.1.1	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.1.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.0.0	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.0.0.alpha03	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.0.0.alpha02	spec/lib/secure_headers/headers/x_xss_protection_spec.rb
secure_headers-6.0.0.alpha01	spec/lib/secure_headers/headers/x_xss_protection_spec.rb