mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
31 lines
871 B
Ruby
31 lines
871 B
Ruby
|
require "abstract_unit"
|
||
|
|
||
|
class MetalControllerInstanceTests < ActiveSupport::TestCase
|
||
|
class SimpleController < ActionController::Metal
|
||
|
def hello
|
||
|
self.response_body = "hello"
|
||
|
end
|
||
|
end
|
||
|
|
||
|
def test_response_has_default_headers
|
||
|
original_default_headers = ActionDispatch::Response.default_headers
|
||
|
|
||
|
ActionDispatch::Response.default_headers = {
|
||
|
"X-Frame-Options" => "DENY",
|
||
|
"X-Content-Type-Options" => "nosniff",
|
||
|
"X-XSS-Protection" => "1;"
|
||
|
}
|
||
|
|
||
|
response_headers = SimpleController.action("hello").call(
|
||
|
"REQUEST_METHOD" => "GET",
|
||
|
"rack.input" => -> {}
|
||
|
)[1]
|
||
|
|
||
|
refute response_headers.key?("X-Frame-Options")
|
||
|
refute response_headers.key?("X-Content-Type-Options")
|
||
|
refute response_headers.key?("X-XSS-Protection")
|
||
|
ensure
|
||
|
ActionDispatch::Response.default_headers = original_default_headers
|
||
|
end
|
||
|
end
|