mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11346 Commits
17 Branches
Tree: c29620c05f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c29620c05f'
${ noResults }
gitea/integrations/download_test.go

download_test.go 2.0KB
Raw Blame History

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package integrations

  6. 

  7. import (

  8. 	"net/http"

  9. 	"testing"

  10. 

  11. 	"github.com/stretchr/testify/assert"

  12. )

  13. 

  14. func TestDownloadByID(t *testing.T) {

  15. 	defer prepareTestEnv(t)()

  16. 

  17. 	session := loginUser(t, "user2")

  18. 

  19. 	// Request raw blob

  20. 	req := NewRequest(t, "GET", "/user2/repo1/raw/blob/4b4851ad51df6a7d9f25c979345979eaeb5b349f")

  21. 	resp := session.MakeRequest(t, req, http.StatusOK)

  22. 

  23. 	assert.Equal(t, "# repo1\n\nDescription for repo1", resp.Body.String())

  24. }

  25. 

  26. func TestDownloadByIDForSVGUsesSecureHeaders(t *testing.T) {

  27. 	defer prepareTestEnv(t)()

  28. 

  29. 	session := loginUser(t, "user2")

  30. 

  31. 	// Request raw blob

  32. 	req := NewRequest(t, "GET", "/user2/repo2/raw/blob/6395b68e1feebb1e4c657b4f9f6ba2676a283c0b")

  33. 	resp := session.MakeRequest(t, req, http.StatusOK)

  34. 

  35. 	assert.Equal(t, "default-src 'none'; style-src 'unsafe-inline'; sandbox", resp.HeaderMap.Get("Content-Security-Policy"))

  36. 	assert.Equal(t, "image/svg+xml", resp.HeaderMap.Get("Content-Type"))

  37. 	assert.Equal(t, "nosniff", resp.HeaderMap.Get("X-Content-Type-Options"))

  38. }

  39. 

  40. func TestDownloadByIDMedia(t *testing.T) {

  41. 	defer prepareTestEnv(t)()

  42. 

  43. 	session := loginUser(t, "user2")

  44. 

  45. 	// Request raw blob

  46. 	req := NewRequest(t, "GET", "/user2/repo1/media/blob/4b4851ad51df6a7d9f25c979345979eaeb5b349f")

  47. 	resp := session.MakeRequest(t, req, http.StatusOK)

  48. 

  49. 	assert.Equal(t, "# repo1\n\nDescription for repo1", resp.Body.String())

  50. }

  51. 

  52. func TestDownloadByIDMediaForSVGUsesSecureHeaders(t *testing.T) {

  53. 	defer prepareTestEnv(t)()

  54. 

  55. 	session := loginUser(t, "user2")

  56. 

  57. 	// Request raw blob

  58. 	req := NewRequest(t, "GET", "/user2/repo2/media/blob/6395b68e1feebb1e4c657b4f9f6ba2676a283c0b")

  59. 	resp := session.MakeRequest(t, req, http.StatusOK)

  60. 

  61. 	assert.Equal(t, "default-src 'none'; style-src 'unsafe-inline'; sandbox", resp.HeaderMap.Get("Content-Security-Policy"))

  62. 	assert.Equal(t, "image/svg+xml", resp.HeaderMap.Get("Content-Type"))

  63. 	assert.Equal(t, "nosniff", resp.HeaderMap.Get("X-Content-Type-Options"))

  64. }