Test Case => resourceSharing for Embedded & API application types

darkmsph1t / _spartan

npm project to package & configure common security middleware && add security.js file to code repo

5 stars 0 forks source link

Test Case => resourceSharing for Embedded & API application types #46

Closed darkmsph1t closed 6 years ago

darkmsph1t commented 6 years ago

Does tmp.securityHeaders get overwritten correctly when the user selects Embedded/IoT or API?

darkmsph1t commented 6 years ago

done

  "securityHeaders": {
    "enabled": true,
    "compensatingControl": false,
    "config": {
      "csp": {
        "directives": {
          "default": "none",
          "upgradeInsecureRequests": true,
          "blockAllMixedContent": true,
          "subResourceIntegrity": {
            "scripts": false,
            "styles": false
          }
        },
        "reportOnly": true,
        "useNonce": false,
        "useHash": false
      },

and

"resourceSharingPolicy": {
    "default": "same-origin",
    "compensatingControl": false,
    "corsSettings": {
      "enabled": false,
      "config": {}
    }
  },