class TestSecureHeadersMiddleware(TestCase):
def setUp(self):
super().setUp()
self.request = Request(generate_wsgi())
self.middleware = SecureHeadersMiddleware(self.request)
self.container.bind('Request', self.request.load_app(self.container))
self.request = self.container.make('Request')
def test_secure_headers_middleware(self):
self.middleware.after()
self.assertEqual(self.request.header('Strict-Transport-Security'),
'max-age=63072000; includeSubdomains')
self.assertEqual(self.request.header('X-Frame-Options'), 'SAMEORIGIN')
def test_secure_headers_gets_middleware_from_the_config(self):
self.request = self.container.make('Request')
self.middleware.after()
self.assertEqual(self.request.header('X-Content-Type-Options'),
'sniff-test')
def change_header(self, request: Request):
request.header('Content-Type', 'application/xml')
return 'test'
