Test HSTS header
This commit is contained in:
parent
42f5af27f0
commit
e16075a702
2 changed files with 13 additions and 2 deletions
|
@ -29,7 +29,9 @@ export default function createServer(opts : Options) : express.Application {
|
|||
|
||||
if (!opts.allowHttp) {
|
||||
app.use(helmet.hsts({
|
||||
maxAge: 5184000
|
||||
maxAge: 5184000,
|
||||
setIf: () => true,
|
||||
includeSubdomains: false
|
||||
}));
|
||||
}
|
||||
|
||||
|
|
|
@ -49,7 +49,8 @@ describe('Server', function () {
|
|||
dirList: false,
|
||||
serveDir: 'site/',
|
||||
opbeat: false,
|
||||
open: false
|
||||
open: false,
|
||||
allowHttp: false
|
||||
} as Options;
|
||||
|
||||
it('Should have no powered by header', function (done) {
|
||||
|
@ -119,5 +120,13 @@ describe('Server', function () {
|
|||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('Should have HSTS header', function (done) {
|
||||
runServer(SERVER_SETTINGS, '/index.html', function (response : any) {
|
||||
expect(response.status).to.equal(200);
|
||||
expect(response.headers.get('strict-transport-security')).to.contain('5184000');
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
Reference in a new issue