With SECURE_HSTS_SECONDS non-zero and SECURE_HSTS_PRELOAD False, the middleware adds a "Strict-Transport-Security" header without the "preload" directive to the response.
(self)
| 142 | |
| 143 | @override_settings(SECURE_HSTS_SECONDS=10886400, SECURE_HSTS_PRELOAD=False) |
| 144 | def test_sts_no_preload(self): |
| 145 | """ |
| 146 | With SECURE_HSTS_SECONDS non-zero and SECURE_HSTS_PRELOAD |
| 147 | False, the middleware adds a "Strict-Transport-Security" header without |
| 148 | the "preload" directive to the response. |
| 149 | """ |
| 150 | response = self.process_response(secure=True) |
| 151 | self.assertEqual( |
| 152 | response.headers["Strict-Transport-Security"], |
| 153 | "max-age=10886400", |
| 154 | ) |
| 155 | |
| 156 | @override_settings(SECURE_CONTENT_TYPE_NOSNIFF=True) |
| 157 | def test_content_type_on(self): |
nothing calls this directly
no test coverage detected