wicket git commit: WICKET-6274 Add origin header to ajax requests in BaseWicketTester

Mon, 14 Nov 2016 12:11:19 -0800 

Repository: wicket
Updated Branches:
  refs/heads/wicket-7.x 8effc799a -> 9aff085e4


WICKET-6274 Add origin header to ajax requests in BaseWicketTester


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/9aff085e
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/9aff085e
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/9aff085e

Branch: refs/heads/wicket-7.x
Commit: 9aff085e4387222ac48ea5984d7e5141f5c0faa8
Parents: 8effc79
Author: Artur Michałowski <[email protected]>
Authored: Sun Nov 6 15:33:04 2016 +0100
Committer: Martin Tzvetanov Grigorov <[email protected]>
Committed: Mon Nov 14 21:10:20 2016 +0100

----------------------------------------------------------------------
 .../protocol/http/CsrfPreventionRequestCycleListenerTest.java  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/9aff085e/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
----------------------------------------------------------------------
diff --git 
a/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
 
b/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
index 3db62ab..50dc656 100644
--- 
a/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
+++ 
b/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
@@ -82,8 +82,10 @@ public class CsrfPreventionRequestCycleListenerTest extends 
WicketTestCase
        @Test
        public void withoutOriginAllowed()
        {
+               csrfListener.setNoOriginAction(CsrfAction.ALLOW);
+               tester.addRequestHeader(WebRequest.HEADER_ORIGIN, null);
                tester.clickLink("link");
-               assertConflictingOriginsRequestAborted();
+               assertConflictingOriginsRequestAllowed();
        }
 
        /** Tests the alternative action of suppressing a request without 
Origin header */
@@ -91,6 +93,7 @@ public class CsrfPreventionRequestCycleListenerTest extends 
WicketTestCase
        public void withoutOriginSuppressed()
        {
                csrfListener.setNoOriginAction(CsrfAction.SUPPRESS);
+               tester.addRequestHeader(WebRequest.HEADER_ORIGIN, null);
                tester.clickLink("link");
                tester.assertRenderedPage(FirstPage.class);
                assertConflictingOriginsRequestSuppressed();
@@ -101,6 +104,7 @@ public class CsrfPreventionRequestCycleListenerTest extends 
WicketTestCase
        public void withoutOriginAborted()
        {
                csrfListener.setNoOriginAction(CsrfAction.ABORT);
+               tester.addRequestHeader(WebRequest.HEADER_ORIGIN, null);
                tester.clickLink("link");
                assertConflictingOriginsRequestAborted();
        }

Reply via email to