summaryrefslogtreecommitdiff
path: root/tests/check_framework
diff options
context:
space:
mode:
authorbankc <bankc@google.com>2020-08-26 12:09:19 -0400
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2021-03-30 19:59:24 +0200
commitdb5b75f10fe211af9fab9094f937436760db8488 (patch)
tree8a1ba3eb35bc2e16b68b2bbb195881774a8abbc2 /tests/check_framework
parentf6018c1e63a04e0c12e2ca759e76e05ccf5e09de (diff)
downloaddjango-db5b75f10fe211af9fab9094f937436760db8488.tar.gz
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews. Co-authored-by: Tim Graham <timograham@gmail.com>
Diffstat (limited to 'tests/check_framework')
-rw-r--r--tests/check_framework/test_security.py25
1 files changed, 25 insertions, 0 deletions
diff --git a/tests/check_framework/test_security.py b/tests/check_framework/test_security.py
index 3a3b9cf774..774ba068f9 100644
--- a/tests/check_framework/test_security.py
+++ b/tests/check_framework/test_security.py
@@ -504,3 +504,28 @@ class CSRFFailureViewTest(SimpleTestCase):
csrf.check_csrf_failure_view(None),
[Error(msg, id='security.E101')],
)
+
+
+class CheckCrossOriginOpenerPolicyTest(SimpleTestCase):
+ @override_settings(
+ MIDDLEWARE=['django.middleware.security.SecurityMiddleware'],
+ SECURE_CROSS_ORIGIN_OPENER_POLICY=None,
+ )
+ def test_no_coop(self):
+ self.assertEqual(base.check_cross_origin_opener_policy(None), [])
+
+ @override_settings(MIDDLEWARE=['django.middleware.security.SecurityMiddleware'])
+ def test_with_coop(self):
+ tests = ['same-origin', 'same-origin-allow-popups', 'unsafe-none']
+ for value in tests:
+ with self.subTest(value=value), override_settings(
+ SECURE_CROSS_ORIGIN_OPENER_POLICY=value,
+ ):
+ self.assertEqual(base.check_cross_origin_opener_policy(None), [])
+
+ @override_settings(
+ MIDDLEWARE=['django.middleware.security.SecurityMiddleware'],
+ SECURE_CROSS_ORIGIN_OPENER_POLICY='invalid-value',
+ )
+ def test_with_invalid_coop(self):
+ self.assertEqual(base.check_cross_origin_opener_policy(None), [base.E024])
View Lorry Controller Status