/**
* Performs request method with HttpContext. HttpContext typically contains cookie store with all
* cookies to include with request
*
* @param method request method
* @param context httpcontext
* @return request response
* @throws Exception
*/
protected HttpResponse perform(HttpRequestBase method, HttpContext context) throws Exception {
HttpResponse response = getHttpClient().execute(method, context);
Header cspHeaders[] = response.getHeaders(CSP.Header.REPORT_ONLY);
if (response.getStatusLine().getStatusCode() == 200) {
// TODO(fabbott): Although a request for e.g. moment.js from testSetRunner.app
// does have a header, the same request from AuraFrameworkServletHttpTest does
// not. I suspect this is because the test has no UID, but the "real life" one
// does... but for now, let's validate the CSP header only if it's actually there.
if (cspHeaders.length != 0) {
assertEquals(1, cspHeaders.length);
assertTrue(
"No connect-src in default CSP",
cspHeaders[0].getValue().contains("; connect-src 'self';"));
}
}
return response;
}
/**
* Gets status code of response
*
* @param response request response
* @return status code
*/
protected static int getStatusCode(HttpResponse response) {
return response.getStatusLine().getStatusCode();
}