wicket git commit: WICKET-6274 Add origin header to ajax requests in BaseWicketTester

Mon, 14 Nov 2016 12:13:17 -0800 

Repository: wicket
Updated Branches:
  refs/heads/wicket-6.x a05bffd88 -> 0884cddd3


WICKET-6274 Add origin header to ajax requests in BaseWicketTester


Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/0884cddd
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/0884cddd
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/0884cddd

Branch: refs/heads/wicket-6.x
Commit: 0884cddd3c77263d53f1148c4b651ed3c1eeab9c
Parents: a05bffd
Author: Artur Michałowski <[email protected]>
Authored: Sun Nov 6 15:33:04 2016 +0100
Committer: Martin Tzvetanov Grigorov <[email protected]>
Committed: Mon Nov 14 21:12:35 2016 +0100

----------------------------------------------------------------------
 .../protocol/http/CsrfPreventionRequestCycleListenerTest.java  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/wicket/blob/0884cddd/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
----------------------------------------------------------------------
diff --git 
a/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
 
b/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
index 4448175..a20aec1 100644
--- 
a/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
+++ 
b/wicket-core/src/test/java/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListenerTest.java
@@ -82,8 +82,10 @@ public class CsrfPreventionRequestCycleListenerTest extends 
WicketTestCase
        @Test
        public void withoutOriginAllowed()
        {
+               csrfListener.setNoOriginAction(CsrfAction.ALLOW);
+               tester.addRequestHeader(WebRequest.HEADER_ORIGIN, null);
                tester.clickLink("link");
-               assertConflictingOriginsRequestAborted();
+               assertConflictingOriginsRequestAllowed();
        }
 
        /** Tests the alternative action of suppressing a request without 
Origin header */
@@ -91,6 +93,7 @@ public class CsrfPreventionRequestCycleListenerTest extends 
WicketTestCase
        public void withoutOriginSuppressed()
        {
                csrfListener.setNoOriginAction(CsrfAction.SUPPRESS);
+               tester.addRequestHeader(WebRequest.HEADER_ORIGIN, null);
                tester.clickLink("link");
                tester.assertRenderedPage(FirstPage.class);
                assertConflictingOriginsRequestSuppressed();
@@ -101,6 +104,7 @@ public class CsrfPreventionRequestCycleListenerTest extends 
WicketTestCase
        public void withoutOriginAborted()
        {
                csrfListener.setNoOriginAction(CsrfAction.ABORT);
+               tester.addRequestHeader(WebRequest.HEADER_ORIGIN, null);
                tester.clickLink("link");
                assertConflictingOriginsRequestAborted();
        }

Reply via email to