/
x-permitted-cross-domain-policies.test.ts
48 lines (45 loc) · 1.56 KB
/
x-permitted-cross-domain-policies.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
import { check } from "./helpers";
import xPermittedCrossDomainPolicies from "../middlewares/x-permitted-cross-domain-policies";
describe("X-Permitted-Cross-Domain-Policies middleware", () => {
it('sets "X-Permitted-Cross-Domain-Policies: none" when called with no permitted policies', async () => {
const expectedHeaders = {
"x-permitted-cross-domain-policies": "none",
};
await check(xPermittedCrossDomainPolicies(), expectedHeaders);
await check(xPermittedCrossDomainPolicies({}), expectedHeaders);
await check(
xPermittedCrossDomainPolicies(Object.create(null)),
expectedHeaders
);
await check(
xPermittedCrossDomainPolicies({ permittedPolicies: undefined }),
expectedHeaders
);
});
(["none", "master-only", "by-content-type", "all"] as const).forEach(
(permittedPolicies) => {
it(`sets "X-Permitted-Cross-Domain-Policies: ${permittedPolicies}" when told to`, async () => {
await check(xPermittedCrossDomainPolicies({ permittedPolicies }), {
"x-permitted-cross-domain-policies": permittedPolicies,
});
});
}
);
it("throws when setting the policy to an invalid value", () => {
const invalidValues = [
"",
"NONE",
"by-ftp-filename",
123,
null,
new String("none"),
];
for (const permittedPolicies of invalidValues) {
expect(() =>
xPermittedCrossDomainPolicies({
permittedPolicies: permittedPolicies as any,
})
).toThrow(/^X-Permitted-Cross-Domain-Policies does not support /);
}
});
});