index.test.js 11.02 KiB
const security = require('./index')
const express = require('express')
const superagent = require("superagent")
// Not assigned anywhere in this part of the file; presumably they hold the
// Express app and its HTTP server for tests further down — TODO confirm.
let app
let server
// Minimal stand-in for an Express request, shared by the unit tests.
// The `_`-prefixed setters are test helpers, not part of the Express API.
const mockReq = {
  originalUrl: '/',
  _setUrl(url) {
    this.originalUrl = url
  },
  method: 'GET',
  _setMethod(method) {
    this.method = method
  },
  // Mirrors the shape of Express's private router stack with a single '/' route.
  // NOTE(review): `app._router` is an Express internal, so this mock is coupled
  // to the Express major version in use — confirm when upgrading.
  app: {
    _router: {
      stack: [
        { route: { path: '/' } }
      ]
    }
  }
}
// Minimal stand-in for an Express response, shared by the unit tests.
// Headers live in a plain object, so lookups are case-sensitive here: a test
// must read a header with exactly the casing that was passed to set().
const mockRes = {
  // Starts with X-Powered-By present so its removal can be asserted.
  _headers: {
    'X-Powered-By': 'my-server'
  },
  set(header, value) {
    this._headers[header] = value
  },
  removeHeader(header) {
    delete this._headers[header]
  },
  _status: 200,
  // Records the status code and returns the mock itself so calls can be chained.
  status(status) {
    this._status = status
    return this
  },
  // No-op terminator; yields undefined.
  end() {}
}
describe('Unit Tests', () => {
// Restore both shared mocks before every test so that header, status, URL or
// method changes made by one test cannot leak into the next.
beforeEach(() => {
  Object.assign(mockRes, {
    _headers: { 'X-Powered-By': 'my-server' },
    _status: 200
  })
  Object.assign(mockReq, {
    originalUrl: '/',
    method: 'GET'
  })
})
// One headerUnitTest call per row, in the same order as before.
// NOTE(review): headerUnitTest is defined outside this view; the columns look
// like [response header, option name, expected value] — confirm against it.
//
// Review notes on the values pinned here:
//  - Pragma and Expires are HTTP/1.0-era companions to Cache-Control.
//  - X-XSS-Protection is deprecated and ignored by current browsers; the CSP
//    is the control that actually matters for XSS.
//  - Expect-CT is deprecated; max-age=30 is expressed in seconds.
//  - CSP frame-ancestors 'none' and X-Frame-Options: deny both forbid framing;
//    frame-ancestors does not fall back to default-src, so it is set explicitly.
for (const [header, option, expected] of [
  ['Cache-Control', 'CacheControl', 'no-cache, no-store, must-revalidate'],
  ['Pragma', 'Pragma', 'no-cache'],
  ['Expires', 'Expires', '0'],
  ['Content-Security-Policy', 'ContentSecurityPolicy', 'default-src \'self\'; frame-ancestors \'none\''],
  ['X-XSS-Protection', 'XXSSProtection', '1; mode=block'],
  ['X-DNS-Prefetch-Control', 'XDNSPrefetchControl', 'off'],
  ['Expect-CT', 'ExpectCT', 'enforce; max-age=30; report-uri="/_report"'],
  ['X-Frame-Options', 'XFrameOptions', 'deny']
]) {
  headerUnitTest(header, option, expected)
}
describe('Header: X-Powered-By', () => {
it('should remove Header if not defined', (done) => {
  // Middleware built with no options: the X-Powered-By header seeded on the
  // mock response (it discloses the server software) must be gone by the time
  // the next() callback runs.
  const middleware = security()
  const next = () => {
    expect(mockRes._headers['X-Powered-By']).toBeUndefined()
    done()
  }
  middleware(mockReq, mockRes, next)
})
it('should not remove Header if set to false', (done) => {