lfatty
commented
7 years ago i just realized that using https will make the headers scenario to pass the test without any error. This seems like a bug because it should be able to handle http headers.
Open lfatty opened 8 years ago
lfatty
commented
7 years ago i just realized that using https will make the headers scenario to pass the test without any error. This seems like a bug because it should be able to handle http headers.
@continuumsecurity Http_header kept failing even though my application has all security headers configured.
java.lang.RuntimeException: No HTTP requests-responses recorded at net.continuumsecurity.steps.WebApplicationSteps.recordFirstHarEntry(WebApplicationSteps.java:513) at net.continuumsecurity.steps.WebApplicationSteps.accessSecureBaseUrlAndRecordHTTPResponse(WebApplicationSteps.java:543) at ✽.When the following URLs are visited and their HTTP responses recorded(http_headers.feature:7)Given a new browser or client instance......................................passed When the following URLs are visited and their HTTP responses recorded.......failed Then the X-Frame-Options header is either SAMEORIGIN or DENY................skipped