Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

update tests for HttpOnly protection against XSS

  • Loading branch information...
commit 665d4f8b6ebfbcbdef90be0e402e6a1170997769 1 parent a2e5c87
@caolan authored
Showing with 5 additions and 5 deletions.
  1. +5 −5 test/test-cookie-sessions.js
View
10 test/test-cookie-sessions.js
@@ -351,7 +351,7 @@ exports['writeHead'] = function(test){
headers['Set-Cookie'],
'_node=serialized_session; ' +
'expires=expiry_date; ' +
- 'path=/'
+ 'path=/; HttpOnly'
);
test.equals(headers['original'], 'header');
}
@@ -422,7 +422,7 @@ exports['writeHead writes empty cookie with immediate expiration if session is u
headers['Set-Cookie'],
'_node=; ' +
'expires=now; ' +
- 'path=/'
+ 'path=/; HttpOnly'
);
test.equals(headers['original'], 'header');
}
@@ -494,7 +494,7 @@ exports['set multiple cookies'] = function(test){
['Set-Cookie', 'testcookie=testvalue'],
['Set-Cookie', '_node=session_data; ' +
'expires=expiry_date; ' +
- 'path=/']
+ 'path=/; HttpOnly']
]);
sessions.serialize = _serialize;
sessions.expires = _expires;
@@ -530,7 +530,7 @@ exports['set single cookie'] = function(test){
'other_header': 'val',
'Set-Cookie': '_node=session_data; ' +
'expires=expiry_date; ' +
- 'path=/'
+ 'path=/; HttpOnly'
});
sessions.serialize = _serialize;
sessions.expires = _expires;
@@ -563,7 +563,7 @@ exports['handle headers as array'] = function(test){
['header2', 'val2'],
['Set-Cookie', '_node=session_data; ' +
'expires=expiry_date; ' +
- 'path=/']
+ 'path=/; HttpOnly']
]);
sessions.serialize = _serialize;
test.done();
Please sign in to comment.
Something went wrong with that request. Please try again.