diff options
author | Ed Tanous <edtanous@google.com> | 2023-09-02 00:20:50 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2023-12-05 21:54:28 +0300 |
commit | 4fa45dffd1ece21a468ed32850428b3b41bc8093 (patch) | |
tree | da14af66150c4b652c8aeb5c42d1e5789ac04cdd /include | |
parent | 7164bc62dd26ec92b01985aaae97ecc48276dea5 (diff) | |
download | bmcweb-4fa45dffd1ece21a468ed32850428b3b41bc8093.tar.xz |
Unit test Connection
Boost asio provides a test stream object that we can use to begin unit
testing the connection object. This patchset uses it to re-enable
some simple http1.1 tests. There's some features that have snuck into
the connection class that aren't compatible with a stream (like ip
address getting), so unfortunately we do need the connection class to
be aware if it's in test mode, but that tradeoff seems worthwhile.
Tested: Unit test pass.
Change-Id: Id8b1f8866582b58502dbafe6139f841bf64b8ef3
Signed-off-by: Ed Tanous <edtanous@google.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/security_headers.hpp | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/include/security_headers.hpp b/include/security_headers.hpp index 1b9e984dd2..236b367fac 100644 --- a/include/security_headers.hpp +++ b/include/security_headers.hpp @@ -56,13 +56,10 @@ inline void addSecurityHeaders(const crow::Request& req [[maybe_unused]], "screen-wak-lock=()," "web-share=()," "xr-spatial-tracking=()"); - res.addHeader("X-Permitted-Cross-Domain-Policies", "none"); - res.addHeader("Cross-Origin-Embedder-Policy", "require-corp"); res.addHeader("Cross-Origin-Opener-Policy", "same-origin"); res.addHeader("Cross-Origin-Resource-Policy", "same-origin"); - if (bmcwebInsecureDisableXssPrevention == 0) { res.addHeader("Content-Security-Policy", "default-src 'none'; " |