thenatog commented on a change in pull request #3273: NIFI-5968 - Added the
X-XSS-Protection and Strict-Transport-Security …
URL: https://github.com/apache/nifi/pull/3273#discussion_r250238788
##########
File path:
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java
##########
@@ -155,29 +155,4 @@ public void
testConfigureSslContextFactoryWithPkcsTrustStore() {
verify(contextFactory).setTrustStoreType(trustStoreType);
verify(contextFactory).setTrustStoreProvider(BouncyCastleProvider.PROVIDER_NAME);
}
-
- @Test
- public void testNoDuplicateXFrameOptions() throws NoSuchFieldException,
IllegalAccessException, ServletException, IOException {
Review comment:
Removed. I think this was simply a bad test and that what it was checking
for is handled by another unit test in HTTPHeaderFiltersTest.
I also think I should probably add some integration tests to check for these
HTTP headers in actual responses from JettyServer? But I didn't know where to
get an example on how we do that. At the least, the tests in
HTTPHeaderFiltersTest checks that each individual filter adds the headers we
expect.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
