def test_cache_override(self): """ Check each part of the cache-control instruction can be overridden individually, or nullified """ with create_test_app().test_client() as client: # all 3 values are overriden, and "public" is added all_response = client.get("cache/all") all_cache = all_response.headers.get("Cache-Control") self.assertIn("public", all_cache) self.assertIn("max-age=4321", all_cache) self.assertIn("stale-while-revalidate=4321", all_cache) self.assertIn("stale-if-error=4321", all_cache) # all values are nullified, leading no cache-control header none_response = client.get("cache/none") none_cache = none_response.headers.get("Cache-Control") self.assertIsNone(none_cache) # only max-age is overridden, so the "stale" instructions remain max_age_response = client.get("cache/max-age") max_age_cache = max_age_response.headers.get("Cache-Control") self.assertNotIn("public", max_age_cache) self.assertIn("max-age=4321", max_age_cache) self.assertIn("stale-while-revalidate=86400", max_age_cache) self.assertIn("stale-if-error=300", max_age_cache) # only "stale-while-revalidate" is overridden stale_response = client.get("cache/stale") stale_cache = stale_response.headers.get("Cache-Control") self.assertNotIn("public", stale_cache) self.assertIn("max-age=60", stale_cache) self.assertIn("stale-while-revalidate=4321", stale_cache) self.assertIn("stale-if-error=300", stale_cache)
def test_security_headers(self): with create_test_app().test_client() as client: response = client.get("page") self.assertEqual( response.headers.get("X-Frame-Options"), "SAMEORIGIN", )
def test_status_endpoints(self): with create_test_app().test_client() as client: os.environ["TALISKER_REVISION_ID"] = "a-build-id" response = client.get("_status/check") self.assertEqual(response.status_code, 200) self.assertEqual(response.data.decode(), "a-build-id") self.assertEqual(response.headers.get("Cache-Control"), "no-store")
def test_cache_does_not_overide(self): with create_test_app().test_client() as client: cached_response = client.get("cache") self.assertEqual( cached_response.headers.get("Cache-Control"), "public, max-age=1000", )
def test_default_cache_headers(self): with create_test_app().test_client() as client: cached_response = client.get("page") self.assertEqual( cached_response.headers.get("Cache-Control"), "public, max-age=300, stale-while-revalidate=360", )
def test_static_files(self): flask_app = create_test_app() with flask_app.test_client() as client: # Check basic serving of static files works # status is 200, contents matches and cache is as expected plain_response = client.get("static/test.json") plain_cache = plain_response.headers.get("Cache-Control") self.assertEqual(plain_response.status_code, 200) self.assertEqual(plain_response.json["fish"], "chips") self.assertIn("public", plain_cache) max_age = flask_app.config["SEND_FILE_MAX_AGE_DEFAULT"] if max_age: self.assertIn(f"max-age={max_age.seconds}", plain_cache) else: self.assertIn("max-age=60", plain_cache) # Check hashed content is served with a year-long cache hash_response = client.get("static/test.json?v=527d233") hash_cache = hash_response.headers.get("Cache-Control") self.assertEqual(hash_response.status_code, 200) self.assertEqual(hash_response.json["fish"], "chips") self.assertIn("public", hash_cache) self.assertIn("max-age=31536000", hash_cache) # Check when hash doesn't match, we get a 404 not_found_response = client.get("static/test.json?v=527d234") self.assertEqual(not_found_response.status_code, 404)
def test_default_cache_headers(self): with create_test_app().test_client() as client: cached_response = client.get("page") cache = cached_response.headers.get("Cache-Control") self.assertNotIn("public", cache) self.assertIn("max-age=60", cache) self.assertIn("stale-while-revalidate=86400", cache) self.assertIn("stale-if-error=300", cache)
def test_favicon_serve(self): """ If `favicon_url` is provided, check requests to `/favicon.ico` receive a redirect """ local_app = create_test_app() with local_app.test_client() as client: response = client.get("/favicon.ico") self.assertEqual(200, response.status_code)
def test_clear_trailing_slash(self): with create_test_app().test_client() as client: response = client.get("/") self.assertEqual(200, response.status_code) response = client.get("/page") self.assertEqual(200, response.status_code) response = client.get("/page/") self.assertEqual(302, response.status_code) self.assertEqual("http://localhost/page", response.headers.get("Location"))
def test_error_pages(self): """ If "404.html" and "500.html" are provided as templates, check we get the response from those templates when we get an error """ with create_test_app().test_client() as client: response = client.get("non-existent-page") self.assertEqual(404, response.status_code) self.assertEqual(response.data, b"error 404") response = client.get("error") self.assertEqual(500, response.status_code) self.assertEqual(response.data, b"error 500")
def test_robots_humans(self): """ If `robots.txt` and `humans.txt` are provided at the root of the project, check requests to `/robots.txt` load the content """ with create_test_app().test_client() as client: warnings.simplefilter("ignore", ResourceWarning) robots_response = client.get("robots.txt") humans_response = client.get("humans.txt") self.assertEqual(200, robots_response.status_code) self.assertEqual(200, humans_response.status_code) self.assertEqual(robots_response.data, b"robots!") self.assertEqual(humans_response.data, b"humans!")
def test_text_files(self): """ If `robots.txt`, `humans.txt`, `security.txt` are provided at the root of the project, check requests to `/robots.txt` load the content """ with create_test_app().test_client() as client: warnings.simplefilter("ignore", ResourceWarning) robots_response = client.get("robots.txt") humans_response = client.get("humans.txt") security_response = client.get("/.well-known/security.txt") self.assertEqual(200, robots_response.status_code) self.assertEqual(200, humans_response.status_code) self.assertEqual(200, security_response.status_code) self.assertEqual(robots_response.data, b"robots!") self.assertEqual(humans_response.data, b"humans!") self.assertEqual(security_response.data, b"security is very important!")
def test_redirects_deleted(self): """ Check test_app/{redirects,permanent-redirects,deleted}.yaml are processed correctly """ with create_test_app().test_client() as client: redirect_response = client.get("redirect") self.assertEqual(302, redirect_response.status_code) self.assertEqual( redirect_response.headers.get("Location"), "https://httpbin.org/", ) permanent_response = client.get("permanent-redirect") self.assertEqual(301, permanent_response.status_code) self.assertEqual( permanent_response.headers.get("Location"), "https://example.com/", ) deleted_response = client.get("deleted") self.assertEqual(410, deleted_response.status_code) self.assertEqual(deleted_response.data, b"Deleted")
def test_vary_cookie_when_session(self): with create_test_app().test_client() as client: cached_response_with_session = client.get("auth") self.assertEqual( cached_response_with_session.headers.get("Vary"), "Cookie" )
def test_redirects_have_no_cache_headers(self): with create_test_app().test_client() as client: soft_redirect = client.get("soft-redirect") hard_redirect = client.get("hard-redirect") self.assertTrue("Cache-Control" not in soft_redirect.headers) self.assertTrue("Cache-Control" not in hard_redirect.headers)
def test_status_endpoints(self): with create_test_app().test_client() as client: response = client.get("_status/check") self.assertEqual(response.status_code, 200) self.assertEqual(response.data.decode(), "OK") self.assertEqual(response.headers.get("Cache-Control"), "no-store")