-
Notifications
You must be signed in to change notification settings - Fork 368
/
cross-origin-embedder-policy.test.ts
44 lines (41 loc) · 1.37 KB
/
cross-origin-embedder-policy.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
import { check } from "./helpers";
import crossOriginEmbedderPolicy from "../middlewares/cross-origin-embedder-policy";
describe("Cross-Origin-Embedder-Policy middleware", () => {
it('sets "Cross-Origin-Embedder-Policy: same-origin" when called with no policy', async () => {
const expectedHeaders = {
"cross-origin-embedder-policy": "require-corp",
};
await check(crossOriginEmbedderPolicy(), expectedHeaders);
await check(crossOriginEmbedderPolicy({}), expectedHeaders);
await check(
crossOriginEmbedderPolicy(Object.create(null)),
expectedHeaders
);
await check(
crossOriginEmbedderPolicy({ policy: undefined }),
expectedHeaders
);
});
(["require-corp", "credentialless"] as const).forEach((policy) => {
it(`sets "Cross-Origin-Embedder-Policy: ${policy}" when told to`, async () => {
await check(crossOriginEmbedderPolicy({ policy }), {
"cross-origin-embedder-policy": policy,
});
});
});
it("throws when setting the policy to an invalid value", () => {
const invalidValues = [
"",
"foo",
"CREDENTIALLESS",
123,
null,
new String("credentialless"),
];
for (const policy of invalidValues) {
expect(() =>
crossOriginEmbedderPolicy({ policy: policy as any })
).toThrow(/^Cross-Origin-Embedder-Policy does not support /);
}
});
});