ensure that hpkp is set when provided

github · Sep 23, 2015 · 6ed1c41 · 6ed1c41
1 parent 1a47c6a
commit 6ed1c41
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/spec/lib/secure_headers_spec.rb b/spec/lib/secure_headers_spec.rb
@@ -178,16 +178,28 @@ def expect_default_values(hash)
     it "produces a hash with a mix of config values, override values, and default values" do
       ::SecureHeaders::Configuration.configure do |config|
         config.hsts = { :max_age => '123456'}
+        config.hpkp = {
+          :enforce => true,
+          :max_age => 1000000,
+          :include_subdomains => true,
+          :report_uri => '//example.com/uri-directive',
+          :pins => [
+            {:sha256 => 'abc'},
+            {:sha256 => '123'}
+          ]
+        }
       end
 
       hash = SecureHeaders::header_hash(:csp => {:default_src => 'none', :img_src => "data:", :disable_fill_missing => true})
       ::SecureHeaders::Configuration.configure do |config|
         config.hsts = nil
+        config.hpkp = nil
       end
 
       expect(hash['Content-Security-Policy-Report-Only']).to eq("default-src 'none'; img-src data:;")
       expect(hash[XFO_HEADER_NAME]).to eq(SecureHeaders::XFrameOptions::Constants::DEFAULT_VALUE)
       expect(hash[HSTS_HEADER_NAME]).to eq("max-age=123456")
+      expect(hash[HPKP_HEADER_NAME]).to eq(%{max-age=1000000; pin-sha256="abc"; pin-sha256="123"; report-uri="//example.com/uri-directive"; includeSubDomains})
     end
 
     it "produces a hash of headers with default config" do