Test HSTS header
parent
42f5af27f0
commit
e16075a702
2 changed files with 13 additions and 2 deletions
|
@ -29,7 +29,9 @@ export default function createServer(opts : Options) : express.Application {
|
||||||
|
|
||||||
if (!opts.allowHttp) {
|
if (!opts.allowHttp) {
|
||||||
app.use(helmet.hsts({
|
app.use(helmet.hsts({
|
||||||
maxAge: 5184000
|
maxAge: 5184000,
|
||||||
|
setIf: () => true,
|
||||||
|
includeSubdomains: false
|
||||||
}));
|
}));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
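Review bot: `setIf: () => true` makes the server send Strict-Transport-Security on every response, including those served over plain HTTP, and nothing in the hunk explains why helmet's default secure-request check is bypassed. Browsers ignore the header on insecure transport, so this is not harmful in itself. If the reason is TLS termination at a proxy, setting Express's `trust proxy` so that `req.secure` is accurate would keep the default check; if it only lets the new test see the header over HTTP, a comment such as `// force HSTS even when req.secure is false (TLS terminated upstream / plain-HTTP tests)` should say so. `includeSubdomains` is spelled `includeSubDomains` in later helmet releases, so confirm which spelling the pinned version honours. The body of createServer continues outside the hunk.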
@ -49,7 +49,8 @@ describe('Server', function () {
|
||||||
dirList: false,
|
dirList: false,
|
||||||
serveDir: 'site/',
|
serveDir: 'site/',
|
||||||
opbeat: false,
|
opbeat: false,
|
||||||
open: false
|
open: false,
|
||||||
|
allowHttp: false
|
||||||
} as Options;
|
} as Options;
|
||||||
|
|
||||||
it('Should have no powered by header', function (done) {
|
it('Should have no powered by header', function (done) {
|
||||||
|
@ -119,5 +120,13 @@ describe('Server', function () {
|
||||||
done();
|
done();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('Should have HSTS header', function (done) {
|
||||||
|
runServer(SERVER_SETTINGS, '/index.html', function (response : any) {
|
||||||
|
expect(response.status).to.equal(200);
|
||||||
|
expect(response.headers.get('strict-transport-security')).to.contain('5184000');
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
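Review bot: The assertion `to.contain('5184000')` in the new 'Should have HSTS header' test is loose: it would still pass if the header gained `includeSubDomains` or `preload`, or if max-age became a longer number containing those digits. Pinning the whole value, `expect(response.headers.get('strict-transport-security')).to.equal('max-age=5184000');`, checks the policy actually configured, assuming helmet emits no other directives with these options. The other branch is also untested; a case with `allowHttp: true` asserting the header is absent would cover the `if (!opts.allowHttp)` guard. The describe block starts outside the hunks.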