玩! 框架1.2.5:如何测试响应是否安全?
[英]Play! framework 1.2.5: How to test if response is secure?
问题描述
A test case for my contact formular page is to make sure it's always in a secure context respectively using SSL. 
我的联系表单页面的测试用例是确保它始终使用SSL分别处于安全上下文中。 Basically, all I want to know, is that I have a given request where request.secure = true; 基本上,我想知道的是,我有一个请求,其中request.secure = true;
The following response does not contain any information about this and its headers are empty: 以下响应不包含任何有关此信息的信息,其标题为空:
@Test
public void shouldShowContactForm() {
Response response = GET("/contact");
// How can I ask the response, if the complete URL is in HTTPS?
}
Even if I explicitly set my own request, I cant see the right way to do this: 即使我明确地设置了自己的请求,我也看不到正确的方法:
@Test
public void shouldShowContactFormInSSLContext() {
Request request = newRequest();
request.secure = true;
Response response = GET(request, "/contact");
// Is it now possible?
}
Is this even the right approach to test this or am I simply missing something important about the request/response? 这甚至是测试这个的正确方法,还是我只是遗漏了一些关于请求/响应的重要信息?
1 个解决方案
解决方案1
2 2013-12-04 22:05:32
For this question I think what I've done for my apps in the past is have a @before interceptor on all my controllers that looks like this. 对于这个问题,我认为我过去为我的应用程序所做的是在我的所有控制器上都有一个@before拦截器,看起来像这样。
@Before
static void checkSSL(){
if(Play.mode.equals(Play.Mode.PROD)){
if(!request.secure) {
Router.ActionDefinition cashTicketDefinition = Router.reverse(request.controller + "." + request.actionMethod);
cashTicketDefinition.absolute();
String url = cashTicketDefinition.url.replaceFirst( "http:", "https:");
redirect(url, true);
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.