From 8155db669baff9aac5617a7aaf68dd35823ed7c9 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Mon, 12 Apr 2021 15:33:54 +0200
Subject: Dissociate frameguard from csp

---
 server/tests/api/server/config.ts | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

(limited to 'server/tests/api')

diff --git a/server/tests/api/server/config.ts b/server/tests/api/server/config.ts
index 0b0f48d22..1d9ea31df 100644
--- a/server/tests/api/server/config.ts
+++ b/server/tests/api/server/config.ts
@@ -12,6 +12,7 @@ import {
   getConfig,
   getCustomConfig,
   killallServers,
+  makeGetRequest,
   parallelTests,
   registerUser,
   reRunServer,
@@ -508,6 +509,39 @@ describe('Test config', function () {
     checkInitialConfig(server, data)
   })
 
+  it('Should enable frameguard', async function () {
+    this.timeout(25000)
+
+    {
+      const res = await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/config',
+        statusCodeExpected: 200
+      })
+
+      expect(res.headers['x-frame-options']).to.exist
+    }
+
+    killallServers([ server ])
+
+    const config = {
+      security: {
+        frameguard: { enabled: false }
+      }
+    }
+    server = await reRunServer(server, config)
+
+    {
+      const res = await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/config',
+        statusCodeExpected: 200
+      })
+
+      expect(res.headers['x-frame-options']).to.not.exist
+    }
+  })
+
   after(async function () {
     await cleanupTests([ server ])
   })
-- 
cgit v1.2.3