Example #1
0
    def test_frame_deny_exempt(self):
        """
        If the response has the _frame_deny_exempt attribute set to True, the
        middleware does not add an "x-frame-options" header to the response.

        """
        response = HttpResponse()
        response._frame_deny_exempt = True
        response = self.middleware.process_response("not used", response)
        self.assertFalse("x-frame-options" in response)