@Test public void headersWhenHstsCustomThenCustomHstsWritten() { this.expectedHeaders.remove(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); this.expectedHeaders.add(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=60"); this.headers.hsts() .maxAge(Duration.ofSeconds(60)) .includeSubdomains(false); assertHeaders(); }
@Test public void headersWhenHstsCustomWithPreloadThenCustomHstsWritten() { this.expectedHeaders.remove(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); this.expectedHeaders.add(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY, "max-age=60 ; includeSubDomains ; preload"); this.headers.hsts() .maxAge(Duration.ofSeconds(60)) .preload(true); assertHeaders(); }
/** * Configures the Strict Transport Security response headers * @return the {@link HstsSpec} to configure */ public HstsSpec hsts() { return new HstsSpec(); }
/** * Configures the Strict Transport Security response headers * @return the {@link HstsSpec} to configure */ public HstsSpec hsts() { return new HstsSpec(); }
@Test public void headersWhenHstsDisableThenHstsNotWritten() { expectHeaderNamesNotPresent(StrictTransportSecurityServerHttpHeadersWriter.STRICT_TRANSPORT_SECURITY); this.headers.hsts().disable(); assertHeaders(); }
/** * Configures the Strict Transport Security response headers * @return the {@link HstsSpec} to configure */ public HstsSpec hsts() { return new HstsSpec(); }