| 14 | ) |
| 15 | |
| 16 | func Test_Default(t *testing.T) { |
| 17 | app := fiber.New() |
| 18 | |
| 19 | app.Use(New()) |
| 20 | |
| 21 | app.Get("/", func(c fiber.Ctx) error { |
| 22 | return c.SendString("Hello, World!") |
| 23 | }) |
| 24 | |
| 25 | resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, "/", http.NoBody)) |
| 26 | require.NoError(t, err) |
| 27 | require.Equal(t, "0", resp.Header.Get(fiber.HeaderXXSSProtection)) |
| 28 | require.Equal(t, "nosniff", resp.Header.Get(fiber.HeaderXContentTypeOptions)) |
| 29 | require.Equal(t, "SAMEORIGIN", resp.Header.Get(fiber.HeaderXFrameOptions)) |
| 30 | require.Empty(t, resp.Header.Get(fiber.HeaderContentSecurityPolicy)) |
| 31 | require.Equal(t, "no-referrer", resp.Header.Get(fiber.HeaderReferrerPolicy)) |
| 32 | require.Empty(t, resp.Header.Get(fiber.HeaderPermissionsPolicy)) |
| 33 | require.Equal(t, "require-corp", resp.Header.Get("Cross-Origin-Embedder-Policy")) |
| 34 | require.Equal(t, "same-origin", resp.Header.Get("Cross-Origin-Opener-Policy")) |
| 35 | require.Equal(t, "same-origin", resp.Header.Get("Cross-Origin-Resource-Policy")) |
| 36 | require.Equal(t, "?1", resp.Header.Get("Origin-Agent-Cluster")) |
| 37 | require.Equal(t, "off", resp.Header.Get("X-DNS-Prefetch-Control")) |
| 38 | require.Equal(t, "noopen", resp.Header.Get("X-Download-Options")) |
| 39 | require.Equal(t, "none", resp.Header.Get("X-Permitted-Cross-Domain-Policies")) |
| 40 | } |
| 41 | |
| 42 | func Test_CustomValues_AllHeaders(t *testing.T) { |
| 43 | app := fiber.New() |