ayoho
commented
3 years ago Bill provided confirmation that there are tests for comma-separated values, hostnames with leading wildcards, and IPv6 formatting for the relevant properties.
In that case, the coverage looks good to me. 👍
For #9809
1) These changes were first tested and extensively validated using unit tests. For those changes, see https://github.com/OpenLiberty/open-liberty/pull/14661/files#diff-89039d92ea2128b9cf7deaf36dffcde040d7928b75f6a03a8a3a3b23ab4356ac
FAT cases have been added to the
webcontainer_fatbucket; these changes will also be ported to tWAS, so it is convenient to have these tests inwebcontainer_fatsince that bucket is largely common between tWAS and Liberty. Those FAT changes can be seen directly at https://github.ibm.com/websphere/WS-CD-Open/pull/22595In general, those tests were updated to validate the new config available in #9808.
trustedHeaderOrigin_HostNameMatchvalidatestrustedHeaderOrigin="<localHostName>"trustedSensitiveHeaderOrigin_HostNameMatch_trustedHeaderOrigin_nonevalidates:trustedSensitiveHeaderOrigin="<localHostName>"andtrustedHeaderOrigin="none"trustedSensitiveHeaderOrigin_WildcardMatch_trustedHeaderOrigin_nonevalidates:trustedSensitiveHeaderOrigin="127.0.0.*"andtrustedHeaderOrigin="none"trustedSensitiveHeaderOrigin_none_trustedHeaderOrigin_invalidvalidates:trustedSensitiveHeaderOrigin="noneandtrustedHeaderOrigin=invalidtrustedSensitiveHeaderOrigin_invalid_trustedHeaderOrigin_nonevalidates:trustedSensitiveHeaderOrigin=invalidandtrustedHeaderOrigin="none"In summary, these new tests (in addition to the existing tests) validate the following config cases:
2) 4 - We have delivered all automated testing we believe is needed for the golden paths of this feature and have good coverage of the error/outlying scenarios. While more testing of the error/outlying scenarios could be added we believe there is minimal risk here and the cost of providing these is considered higher than the benefit they would provide.