Source Code of org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategyTests

package org.springframework.security.web.header.writers.frameoptions;


import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategy;


import java.util.ArrayList;
import java.util.List;


import static org.hamcrest.CoreMatchers.is;
import static org.springframework.test.util.MatcherAssertionErrors.assertThat;


/**
 * Test for the {@code WhiteListedAllowFromStrategy}.
 *
 * @author Marten Deinum
 * @since 3.2
 */
public class WhiteListedAllowFromStrategyTests {


    @Test(expected = IllegalArgumentException.class)
    public void emptyListShouldThrowException() {
        new WhiteListedAllowFromStrategy(new ArrayList<String>());
    }


    @Test(expected = IllegalArgumentException.class)
    public void nullListShouldThrowException() {
        new WhiteListedAllowFromStrategy(null);
    }


    @Test
    public void listWithSingleElementShouldMatch() {
        List<String> allowed = new ArrayList<String>();
        allowed.add("http://www.test.com");
        WhiteListedAllowFromStrategy strategy = new WhiteListedAllowFromStrategy(allowed);
        strategy.setAllowFromParameterName("from");
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setParameter("from", "http://www.test.com");


        String result = strategy.getAllowFromValue(request);
        assertThat(result, is("http://www.test.com"));
    }


    @Test
    public void listWithMultipleElementShouldMatch() {
        List<String> allowed = new ArrayList<String>();
        allowed.add("http://www.test.com");
        allowed.add("http://www.springsource.org");
        WhiteListedAllowFromStrategy strategy = new WhiteListedAllowFromStrategy(allowed);
        strategy.setAllowFromParameterName("from");
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setParameter("from", "http://www.test.com");


        String result = strategy.getAllowFromValue(request);
        assertThat(result, is("http://www.test.com"));
    }


    @Test
    public void listWithSingleElementShouldNotMatch() {
        List<String> allowed = new ArrayList<String>();
        allowed.add("http://www.test.com");
        WhiteListedAllowFromStrategy strategy = new WhiteListedAllowFromStrategy(allowed);
        strategy.setAllowFromParameterName("from");
        MockHttpServletRequest request = new MockHttpServletRequest();
        request.setParameter("from", "http://www.test123.com");


        String result = strategy.getAllowFromValue(request);
        assertThat(result, is("DENY"));
    }


    @Test
    public void requestWithoutParameterShouldNotMatch() {
        List<String> allowed = new ArrayList<String>();
        allowed.add("http://www.test.com");
        WhiteListedAllowFromStrategy strategy = new WhiteListedAllowFromStrategy(allowed);
        strategy.setAllowFromParameterName("from");
        MockHttpServletRequest request = new MockHttpServletRequest();


        String result = strategy.getAllowFromValue(request);
        assertThat(result, is("DENY"));


    }




}
Source Code of org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategyTests

Related Classes of org.springframework.security.web.header.writers.frameoptions.WhiteListedAllowFromStrategyTests
