MCPcopy
hub / github.com/django/django / test_response_exempt

Method test_response_exempt

tests/middleware/tests.py:842–863  ·  view source on GitHub ↗

If the response has an xframe_options_exempt attribute set to False then it still sets the header, but if it's set to True then it doesn't.

(self)

Source from the content-addressed store, hash-verified

840 self.assertEqual(r.headers["X-Frame-Options"], "DENY")
841
842 def test_response_exempt(self):
843 """
844 If the response has an xframe_options_exempt attribute set to False
845 then it still sets the header, but if it's set to True then it doesn't.
846 """
847
848 def xframe_exempt_response(request):
849 response = HttpResponse()
850 response.xframe_options_exempt = True
851 return response
852
853 def xframe_not_exempt_response(request):
854 response = HttpResponse()
855 response.xframe_options_exempt = False
856 return response
857
858 with override_settings(X_FRAME_OPTIONS="SAMEORIGIN"):
859 r = XFrameOptionsMiddleware(xframe_not_exempt_response)(HttpRequest())
860 self.assertEqual(r.headers["X-Frame-Options"], "SAMEORIGIN")
861
862 r = XFrameOptionsMiddleware(xframe_exempt_response)(HttpRequest())
863 self.assertIsNone(r.headers.get("X-Frame-Options"))
864
865 def test_is_extendable(self):
866 """

Callers

nothing calls this directly

Calls 4

override_settingsClass · 0.90
HttpRequestClass · 0.90
getMethod · 0.45

Tested by

no test coverage detected