/** * Performs request method with HttpContext. HttpContext typically contains cookie store with all * cookies to include with request * * @param method request method * @param context httpcontext * @return request response * @throws Exception */ protected HttpResponse perform(HttpRequestBase method, HttpContext context) throws Exception { HttpResponse response = getHttpClient().execute(method, context); Header cspHeaders[] = response.getHeaders(CSP.Header.REPORT_ONLY); if (response.getStatusLine().getStatusCode() == 200) { // TODO(fabbott): Although a request for e.g. moment.js from testSetRunner.app // does have a header, the same request from AuraFrameworkServletHttpTest does // not. I suspect this is because the test has no UID, but the "real life" one // does... but for now, let's validate the CSP header only if it's actually there. if (cspHeaders.length != 0) { assertEquals(1, cspHeaders.length); assertTrue( "No connect-src in default CSP", cspHeaders[0].getValue().contains("; connect-src 'self';")); } } return response; }
/** * Gets status code of response * * @param response request response * @return status code */ protected static int getStatusCode(HttpResponse response) { return response.getStatusLine().getStatusCode(); }