summaryrefslogtreecommitdiff
path: root/tests/check_framework
diff options
context:
space:
mode:
Diffstat (limited to 'tests/check_framework')
-rw-r--r--tests/check_framework/test_security.py25
1 files changed, 25 insertions, 0 deletions
diff --git a/tests/check_framework/test_security.py b/tests/check_framework/test_security.py
index 3a3b9cf774..774ba068f9 100644
--- a/tests/check_framework/test_security.py
+++ b/tests/check_framework/test_security.py
@@ -504,3 +504,28 @@ class CSRFFailureViewTest(SimpleTestCase):
csrf.check_csrf_failure_view(None),
[Error(msg, id='security.E101')],
)
+
+
+class CheckCrossOriginOpenerPolicyTest(SimpleTestCase):
+ @override_settings(
+ MIDDLEWARE=['django.middleware.security.SecurityMiddleware'],
+ SECURE_CROSS_ORIGIN_OPENER_POLICY=None,
+ )
+ def test_no_coop(self):
+ self.assertEqual(base.check_cross_origin_opener_policy(None), [])
+
+ @override_settings(MIDDLEWARE=['django.middleware.security.SecurityMiddleware'])
+ def test_with_coop(self):
+ tests = ['same-origin', 'same-origin-allow-popups', 'unsafe-none']
+ for value in tests:
+ with self.subTest(value=value), override_settings(
+ SECURE_CROSS_ORIGIN_OPENER_POLICY=value,
+ ):
+ self.assertEqual(base.check_cross_origin_opener_policy(None), [])
+
+ @override_settings(
+ MIDDLEWARE=['django.middleware.security.SecurityMiddleware'],
+ SECURE_CROSS_ORIGIN_OPENER_POLICY='invalid-value',
+ )
+ def test_with_invalid_coop(self):
+ self.assertEqual(base.check_cross_origin_opener_policy(None), [base.E024])