Merge pull request #46 from alphagov/add-useful-headers

Add some useful owasp suggested headers
2026-02-05 02:42:26 -05:00 · 2016-01-07 15:39:51 +00:00
parent cce3c91c4a 4345eea9f9
commit afd03ea5bf
2 changed files with 18 additions and 0 deletions
--- a/tests/app/main/views/test_headers.py
+++ b/tests/app/main/views/test_headers.py
@@ -0,0 +1,8 @@
+
+def test_owasp_useful_headers_set(notifications_admin):
+    with notifications_admin.test_request_context():
+        response = notifications_admin.test_client().get('/')
+    assert response.status_code == 200
+    assert response.headers['X-Frame-Options'] == 'deny'
+    assert response.headers['X-Content-Type-Options'] == 'nosniff'
+    assert response.headers['X-XSS-Protection'] == '1; mode=block'