
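import express = require("express");
import helmet = require("helmet");

// Shared Express app that every type test below mounts helmet middleware on.
// The app is never started in this file; it exists only so the `app.use(...)`
// calls type-check against the helmet declarations.
const app = express();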
/**
 * @summary Test for {@see helmet}.
 *
 * Exercises the top-level `helmet()` factory with each accepted argument shape:
 * no argument, an empty options object, a sub-middleware keyed by a boolean,
 * and a sub-middleware keyed by its own options object.
 */
function helmetTest() {
    app.use(helmet());
    app.use(helmet({}));
    // Boolean forms: presumably `false` disables the frameguard sub-middleware
    // and `true` keeps its defaults — confirm against helmet's documentation.
    app.use(helmet({ frameguard: false }));
    app.use(helmet({ frameguard: true }));
    // Object form: the sub-middleware's own options are passed through.
    app.use(helmet({
        frameguard: {
            action: 'deny'
        }
    }));
}
/**
 * @summary Test for {@see helmet#contentSecurityPolicy} function.
 *
 * Builds one fully populated `IHelmetContentSecurityPolicyConfiguration`
 * covering every directive the typings declare, then checks the call forms:
 * no argument, empty object, the full config, and a config whose
 * `reportUri` / `reportTo` / `reportOnly` values are functions rather than
 * literals (both camelCase and dashed directive names are exercised).
 */
function contentSecurityPolicyTest() {
    // Typed as string[] so that directives which may legitimately be empty
    // (frameSrc, pluginTypes, requireSriFor) still match the declared type.
    const emptyArray: string[] = [];
    const config: helmet.IHelmetContentSecurityPolicyConfiguration = {
        directives: {
            baseUri: ['base.example.com'],
            blockAllMixedContent: true,
            childSrc: ['child.example.com'],
            connectSrc: ['connect.example.com'],
            defaultSrc: ['*'],
            fontSrc: ['font.example.com'],
            formAction: ['formaction.example.com'],
            frameAncestors: ["'none'"],
            frameSrc: emptyArray,
            imgSrc: ['images.example.com'],
            mediaSrc: ['media.example.com'],
            manifestSrc: ['manifest.example.com'],
            objectSrc: ['objects.example.com'],
            pluginTypes: emptyArray,
            prefetchSrc: ['prefetch.example.com'],
            reportUri: '/some-url',
            reportTo: 'report.example.com',
            requireSriFor: emptyArray,
            sandbox: ['allow-presentation'],
            // A directive entry may be a per-request function. This one returns a
            // constant purely to satisfy the type; a real nonce source must return a
            // fresh, unguessable value on every request, otherwise the nonce gives no
            // protection against injected scripts.
            scriptSrc: ['scripts.example.com', function (req: express.Request, res: express.Response) {
                return "'nonce-abc123'";
            }],
            styleSrc: ['css.example.com'],
            upgradeInsecureRequests: true,
            workerSrc: ['worker.example.com']
        },
        reportOnly: false,
        setAllHeaders: false,
        disableAndroid: false
    };
    // Callback forms of the report and report-only options; parameters are
    // declared only so the callbacks match the expected (req, res) signature.
    function reportUriCb(req: express.Request, res: express.Response) { return '/some-uri'; }
    function reportOnlyCb(req: express.Request, res: express.Response) { return false; }
    app.use(helmet.contentSecurityPolicy());
    app.use(helmet.contentSecurityPolicy({}));
    app.use(helmet.contentSecurityPolicy(config));
    app.use(helmet.contentSecurityPolicy({
        directives: {
            defaultSrc: ["'self'"],
            // Same callback accepted under the camelCase and the dashed key.
            reportUri: reportUriCb,
            'report-uri': reportUriCb,
            reportTo: reportUriCb,
            'report-to': reportUriCb
        },
        reportOnly: reportOnlyCb,
        loose: false,
        setAllHeaders: true
    }));
}
/**
 * @summary Test for {@see helmet#dnsPrefetchControl} function.
 *
 * Checks the no-argument form and both values of the `allow` option.
 */
function dnsPrefetchControlTest() {
    app.use(helmet.dnsPrefetchControl());
    app.use(helmet.dnsPrefetchControl({ allow: false }));
    app.use(helmet.dnsPrefetchControl({ allow: true }));
}
/**
 * @summary Test for {@see helmet#frameguard} function.
 *
 * Checks the no-argument and empty-object forms and each `action` literal the
 * typings accept; `allow-from` is the only one that also takes a `domain`.
 */
function frameguardTest() {
    app.use(helmet.frameguard());
    app.use(helmet.frameguard({}));
    app.use(helmet.frameguard({ action: 'deny' }));
    app.use(helmet.frameguard({ action: 'sameorigin' }));
    // NOTE(review): `ALLOW-FROM` is exercised here only for the typings. Browser
    // support for it is limited; applications that need to whitelist a framing
    // origin generally rely on CSP `frame-ancestors` instead — confirm for the
    // targeted browsers.
    app.use(helmet.frameguard({
        action: 'allow-from',
        domain: 'http://example.com'
    }));
}
/**
 * @summary Test for {@see helmet#hidePoweredBy} function.
 *
 * Checks the no-argument and empty-object forms and the `setTo` option, which
 * replaces the header value rather than removing the header.
 *
 * NOTE(review): every sibling test in this file is named `*Test`; this one is
 * not. Renaming it `hidePoweredByTest` would keep the file consistent.
 */
function hidePoweredBy() {
    app.use(helmet.hidePoweredBy());
    app.use(helmet.hidePoweredBy({}));
    app.use(helmet.hidePoweredBy({ setTo: 'PHP 4.2.0' }));
}
/**
 * @summary Test for {@see helmet#hpkp} function.
 *
 * Every call supplies the two required options, `maxAge` and `sha256s`, and
 * each subsequent call adds exactly one optional field so that a type error
 * points at the option under test.
 *
 * NOTE(review): HTTP Public Key Pinning has been deprecated and dropped by
 * major browsers; these calls exist to keep the typings checked, not as a
 * recommendation to deploy HPKP.
 *
 * NOTE(review): helmet 3.x documents `maxAge` for hpkp/hsts in seconds;
 * 7776000000 looks like a millisecond value (90 days). Harmless for a type
 * test, but confirm the unit before copying these literals anywhere real.
 */
function hpkpTest() {
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
    }));
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
        includeSubDomains: false
    }));
    // Deprecated: Use includeSubDomains instead. (Uppercase "D")
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
        includeSubdomains: false
    }));
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
        includeSubDomains: true
    }));
    // Plain-http report endpoint is fine for a type test; a real deployment
    // should receive pin-validation reports over https.
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
        reportUri: 'http://example.com'
    }));
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
        reportOnly: true
    }));
    // `setIf` parameters are left unannotated so the test also checks that the
    // typings supply (req, res) contextually.
    app.use(helmet.hpkp({
        maxAge: 7776000000,
        sha256s: ['AbCdEf123=', 'ZyXwVu456='],
        setIf: function (req, res) { return true; }
    }));
}
/**
 * @summary Test for {@see helmet#hsts} function.
 *
 * Checks the no-argument form, `maxAge` alone (with and without a trailing
 * comma), and then each optional field added one at a time.
 *
 * NOTE(review): helmet 3.x documents `maxAge` in seconds; 7776000000 looks
 * like a millisecond value (90 days). Harmless for a type test, but confirm
 * the unit before reusing the literal.
 */
function hstsTest() {
    app.use(helmet.hsts());
    app.use(helmet.hsts({ maxAge: 7776000000 }));
    app.use(helmet.hsts({
        maxAge: 7776000000,
    }));
    app.use(helmet.hsts({
        maxAge: 7776000000,
        includeSubDomains: true
    }));
    // Deprecated: Use includeSubDomains instead. (Uppercase "D")
    app.use(helmet.hsts({
        maxAge: 7776000000,
        includeSubdomains: true
    }));
    // `preload` requests inclusion in browser preload lists; once listed, the
    // policy cannot be withdrawn quickly, so treat it as a long-term commitment.
    app.use(helmet.hsts({
        maxAge: 7776000000,
        preload: true
    }));
    app.use(helmet.hsts({
        maxAge: 7776000000,
        force: true
    }));
    // `setIf` parameters are left unannotated so the test also checks that the
    // typings supply (req, res) contextually.
    app.use(helmet.hsts({
        maxAge: 7776000000,
        setIf: function (req, res) { return true; }
    }));
}
/**
 * @summary Test for {@see helmet#ieNoOpen} function.
 *
 * `ieNoOpen` takes no options in these typings, so only the bare call is checked.
 */
function ieNoOpenTest() {
    app.use(helmet.ieNoOpen());
}
/**
 * @summary Test for {@see helmet#noCache} function.
 *
 * Checks the no-argument and empty-object forms and the `noEtag` option.
 */
function noCacheTest() {
    app.use(helmet.noCache());
    app.use(helmet.noCache({}));
    app.use(helmet.noCache({ noEtag: true }));
}
/**
 * @summary Test for {@see helmet#noSniff} function.
 *
 * `noSniff` takes no options in these typings, so only the bare call is checked.
 */
function noSniffTest() {
    app.use(helmet.noSniff());
}
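/**
 * @summary Test for {@see helmet#referrerPolicy} function.
 *
 * Only the `policy` option is exercised; the value must be one of the
 * policy literals the typings accept.
 */
function referrerPolicyTest() {
    app.use(helmet.referrerPolicy({ policy: 'same-origin' }));
}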
/**
 * @summary Test for {@see helmet#xssFilter} function.
 *
 * Checks the no-argument and empty-object forms and both values of
 * `setOnOldIE`.
 */
function xssFilterTest() {
    app.use(helmet.xssFilter());
    app.use(helmet.xssFilter({}));
    app.use(helmet.xssFilter({ setOnOldIE: false }));
    app.use(helmet.xssFilter({ setOnOldIE: true }));
}
/**
 * @summary Test for {@see helmet#permittedCrossDomainPolicies} function.
 *
 * Checks the no-argument and empty-object forms and the `permittedPolicies`
 * option with the most restrictive literal, `'none'`.
 */
function permittedCrossDomainPoliciesTest() {
    app.use(helmet.permittedCrossDomainPolicies());
    app.use(helmet.permittedCrossDomainPolicies({}));
    app.use(helmet.permittedCrossDomainPolicies({ permittedPolicies: 'none' }));
}