Contents

require 'spec_helper'

module SecureHeaders
  describe XFrameOptions do
    specify{ XFrameOptions.new.name.should == "X-FRAME-OPTIONS" }

    describe "#value" do
      specify { XFrameOptions.new.value.should == XFrameOptions::Constants::DEFAULT_VALUE}
      specify { XFrameOptions.new("SAMEORIGIN").value.should == "SAMEORIGIN"}
      specify { XFrameOptions.new(:value => 'DENY').value.should == "DENY"}

      context "with invalid configuration" do
        it "allows SAMEORIGIN" do
          lambda {
            XFrameOptions.new("SAMEORIGIN").value
          }.should_not raise_error(XFOBuildError)
        end

        it "allows DENY" do
          lambda {
            XFrameOptions.new("DENY").value
          }.should_not raise_error(XFOBuildError)
        end

        it "allows ALLOW-FROM*" do
          lambda {
            XFrameOptions.new("ALLOW-FROM: example.com").value
          }.should_not raise_error(XFOBuildError)
        end
        it "does not allow garbage" do
          lambda {
            XFrameOptions.new("I like turtles").value
          }.should raise_error(XFOBuildError)
        end
      end
    end
  end
end

Version data entries

9 entries across 9 versions & 1 rubygems

Version	Path
secure_headers-0.4.3	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.4.2	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.4.1	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.4.0	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.3.0	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.2.1	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.2.0	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.1.1	spec/lib/secure_headers/headers/x_frame_options_spec.rb
secure_headers-0.1.0	spec/lib/secure_headers/headers/x_frame_options_spec.rb