X-Frame-Options removed.

This commit is contained in:
Tomasz Drwięga 2017-07-10 09:42:35 +02:00
parent ad67ea0eb5
commit b0f1f8307d
No known key found for this signature in database
GPG Key ID: D066F497E62CAF66

View File

@ -102,12 +102,7 @@ pub fn request(address: &SocketAddr, request: &str) -> Response {
/// Check if all required security headers are present /// Check if all required security headers are present
pub fn assert_security_headers_present(headers: &[String], port: Option<u16>) { pub fn assert_security_headers_present(headers: &[String], port: Option<u16>) {
if let Some(port) = port { if let None = port {
assert!(
headers.iter().find(|header| header.as_str() == &format!("X-Frame-Options: ALLOW-FROM http://127.0.0.1:{}", port)).is_some(),
"X-Frame-Options: ALLOW-FROM missing: {:?}", headers
);
} else {
assert!( assert!(
headers.iter().find(|header| header.as_str() == "X-Frame-Options: SAMEORIGIN").is_some(), headers.iter().find(|header| header.as_str() == "X-Frame-Options: SAMEORIGIN").is_some(),
"X-Frame-Options: SAMEORIGIN missing: {:?}", headers "X-Frame-Options: SAMEORIGIN missing: {:?}", headers