External/securelens-backend
1
0
Fork 0
mirror of https://github.com/Rarebuffalo/securelens-backend.git synced 2026-06-19 07:00:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
securelens-backend/tests/test_transport.py
rarebuffalo 8330060e86 updated the architecture
2026-04-07 18:13:43 +05:30

76 lines
2.3 KiB
Python
Raw Permalink Blame History

from unittest.mock import MagicMock
import pytest
from app.services.scanner.transport import TransportScanner
scanner = TransportScanner()
def _make_response(headers: dict) -> MagicMock:
response = MagicMock()
response.headers = headers
return response
@pytest.mark.asyncio
async def test_detects_no_https():
response = _make_response({})
issues = await scanner.scan("http://example.com", response)
assert any("HTTPS" in i.issue for i in issues)
assert len(issues) == 1
@pytest.mark.asyncio
async def test_detects_missing_hsts():
response = _make_response({})
issues = await scanner.scan("https://example.com", response)
assert any("HSTS" in i.issue for i in issues)
@pytest.mark.asyncio
async def test_detects_short_hsts_max_age():
response = _make_response({
"Strict-Transport-Security": "max-age=3600; includeSubDomains; preload"
})
issues = await scanner.scan("https://example.com", response)
assert any("max-age" in i.issue.lower() for i in issues)
@pytest.mark.asyncio
async def test_detects_missing_includesubdomains():
response = _make_response({
"Strict-Transport-Security": "max-age=31536000; preload"
})
issues = await scanner.scan("https://example.com", response)
assert any("includeSubDomains" in i.issue for i in issues)
@pytest.mark.asyncio
async def test_detects_missing_preload():
response = _make_response({
"Strict-Transport-Security": "max-age=31536000; includeSubDomains"
})
issues = await scanner.scan("https://example.com", response)
assert any("preload" in i.issue for i in issues)
@pytest.mark.asyncio
async def test_detects_missing_upgrade_insecure_requests():
response = _make_response({
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload",
"Content-Security-Policy": "default-src 'self'",
})
issues = await scanner.scan("https://example.com", response)
assert any("upgrade-insecure-requests" in i.issue for i in issues)
@pytest.mark.asyncio
async def test_good_hsts_no_transport_issues():
response = _make_response({
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload",
"Content-Security-Policy": "default-src 'self'; upgrade-insecure-requests",
})
issues = await scanner.scan("https://example.com", response)
assert len(issues) == 0
Reference in New Issue View Git Blame Copy Permalink