/**
* Copyright 2007-2015, Kaazing Corporation. All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.kaazing.specification.httpxe;
import static java.util.concurrent.TimeUnit.SECONDS;
import static org.junit.rules.RuleChain.outerRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.DisableOnDebug;
import org.junit.rules.TestRule;
import org.junit.rules.Timeout;
import org.kaazing.k3po.junit.annotation.Specification;
import org.kaazing.k3po.junit.rules.K3poRule;
public class OriginSecurityIT {
private final K3poRule k3po = new K3poRule().setScriptRoot("org/kaazing/specification/httpxe/origin");
private final TestRule timeout = new DisableOnDebug(new Timeout(5, SECONDS));
@Rule
public final TestRule chain = outerRule(k3po).around(timeout);
@Test
@Specification({
"request.with.origin.header/request",
"request.with.origin.header/response"})
public void shouldPassWithOriginRequestHeader() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.request.with.origin.header/request",
"unauthorized.request.with.origin.header/response"})
public void shouldFailWithOriginRequestHeader() throws Exception {
k3po.finish();
}
@Test
@Specification({
"request.with.origin.header.and.x.origin.header/request",
"request.with.origin.header.and.x.origin.header/response"})
public void shouldPassWithOriginAndXoriginRequests() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.request.with.origin.header.and.x.origin.header/request",
"unauthorized.request.with.origin.header.and.x.origin.header/response"})
public void shouldFailWithOriginAndXoriginRequests() throws Exception {
k3po.finish();
}
@Test
@Specification({
"origin.request.using.ko.parameter/request",
"origin.request.using.ko.parameter/response"})
public void shouldPassWhenUsingKoParameter() throws Exception {
k3po.finish();
}
@Test
@Specification({
"origin.request.using.referer/request",
"origin.request.using.referer/response"})
public void shouldPassWithOnlyRefererAndXoriginRequest() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.origin.request.using.referer/request",
"unauthorized.origin.request.using.referer/response"})
public void shouldFailWithOnlyRefererAndXoriginRequest() throws Exception {
k3po.finish();
}
@Test
@Specification({
"x.origin.header.not.identical.to.origin.header/request",
"x.origin.header.not.identical.to.origin.header/response"})
public void shouldPassWhenXoriginHeaderDiffersFromOriginHeader() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.x.origin.header.not.identical.to.origin.header/request",
"unauthorized.x.origin.header.not.identical.to.origin.header/response"})
public void shouldFailWhenXoriginHeaderDiffersFromOriginHeader() throws Exception {
k3po.finish();
}
@Test
@Specification({
"request.with.kac.parameter/request",
"request.with.kac.parameter/response"})
public void shouldPassWithAccessControlWithKacParameter() throws Exception {
k3po.finish();
}
@Test
@Specification({
"x.origin.encoded.request.header/request",
"x.origin.encoded.request.header/response"})
public void shouldPassWithEncodedXoriginRequest() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.x.origin.encoded.request.header/request",
"unauthorized.x.origin.encoded.request.header/response"})
public void shouldFailWithEncodedXoriginRequest() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.x.origin.encoded.request.header.1/request",
"unauthorized.x.origin.encoded.request.header.1/response"})
public void shouldFailWithEncodedXoriginRequest1() throws Exception {
k3po.finish();
}
@Test
@Specification({
"unauthorized.x.origin.encoded.request.header.2/request",
"unauthorized.x.origin.encoded.request.header.2/response"})
public void shouldFailWithEncodedXoriginRequest2() throws Exception {
k3po.finish();
}
}