thenatog commented on a change in pull request #3273: NIFI-5968 - Added the X-XSS-Protection and Strict-Transport-Security … URL: https://github.com/apache/nifi/pull/3273#discussion_r250238788
########## File path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/test/java/org/apache/nifi/web/server/JettyServerTest.java ########## @@ -155,29 +155,4 @@ public void testConfigureSslContextFactoryWithPkcsTrustStore() { verify(contextFactory).setTrustStoreType(trustStoreType); verify(contextFactory).setTrustStoreProvider(BouncyCastleProvider.PROVIDER_NAME); } - - @Test - public void testNoDuplicateXFrameOptions() throws NoSuchFieldException, IllegalAccessException, ServletException, IOException { Review comment: Removed. I think this was simply a bad test and that what it was checking for is handled by another unit test in HTTPHeaderFiltersTest. I also think I should probably add some integration tests to check for these HTTP headers in actual responses from JettyServer? But I didn't know where to get an example on how we do that. At the least, the tests in HTTPHeaderFiltersTest checks that each individual filter adds the headers we expect. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services