MCPcopy
hub / github.com/django/django / test_dont_set_if_set

Method test_dont_set_if_set

tests/middleware/tests.py:818–840  ·  view source on GitHub ↗

If the X-Frame-Options header is already set then the middleware does not attempt to override it.

(self)

Source from the content-addressed store, hash-verified

816 self.assertEqual(r.headers["X-Frame-Options"], "DENY")
817
818 def test_dont_set_if_set(self):
819 """
820 If the X-Frame-Options header is already set then the middleware does
821 not attempt to override it.
822 """
823
824 def same_origin_response(request):
825 response = HttpResponse()
826 response.headers["X-Frame-Options"] = "SAMEORIGIN"
827 return response
828
829 def deny_response(request):
830 response = HttpResponse()
831 response.headers["X-Frame-Options"] = "DENY"
832 return response
833
834 with override_settings(X_FRAME_OPTIONS="DENY"):
835 r = XFrameOptionsMiddleware(same_origin_response)(HttpRequest())
836 self.assertEqual(r.headers["X-Frame-Options"], "SAMEORIGIN")
837
838 with override_settings(X_FRAME_OPTIONS="SAMEORIGIN"):
839 r = XFrameOptionsMiddleware(deny_response)(HttpRequest())
840 self.assertEqual(r.headers["X-Frame-Options"], "DENY")
841
842 def test_response_exempt(self):
843 """

Callers

nothing calls this directly

Calls 3

override_settingsClass · 0.90
HttpRequestClass · 0.90

Tested by

no test coverage detected