Mercurial > hg > orthanc-tests
comparison Tests/Tests.py @ 591:3cb7c6162c77
new test for XSS
| author | Alain Mazy <am@osimis.io> |
|---|---|
| date | Tue, 12 Dec 2023 10:14:37 +0100 |
| parents | 47b87c87213b |
| children | b6c1f0c9ca15 |
comparison
equal
deleted
inserted
replaced
| 590:c28bd957cb93 | 591:3cb7c6162c77 |
|---|---|
| 10021 tags = DoGet(_REMOTE, '/instances/%s/tags?simplify' % i) | 10021 tags = DoGet(_REMOTE, '/instances/%s/tags?simplify' % i) |
| 10022 self.assertFalse('PatientName' in tags) | 10022 self.assertFalse('PatientName' in tags) |
| 10023 self.assertEqual('M3D', tags['Modality']) | 10023 self.assertEqual('M3D', tags['Modality']) |
| 10024 self.assertEqual('model/obj', tags['MIMETypeOfEncapsulatedDocument']) | 10024 self.assertEqual('model/obj', tags['MIMETypeOfEncapsulatedDocument']) |
| 10025 self.assertEqual('1.2.840.10008.5.1.4.1.1.104.4', tags['SOPClassUID']) | 10025 self.assertEqual('1.2.840.10008.5.1.4.1.1.104.4', tags['SOPClassUID']) |
| 10026 | |
| 10027 | |
| 10028 def test_error_codes_content_type(self): | |
| 10029 | |
| 10030 # from 1.12.2, check that a ContentType header is included in errors with an error description (ex: 404) | |
| 10031 (headers, body) = DoGetRaw(_REMOTE, '/rnm94%3Cscript%3Ealert(1)%3C/script%3Ejdtkc/explorer.html') | |
| 10032 self.assertEqual('404', headers['status']) | |
| 10033 | |
| 10034 if IsOrthancVersionAbove(_REMOTE, 1, 12, 2): | |
| 10035 self.assertEqual('application/json', headers['content-type']) | |
| 10036 | |
| 10037 (headers, body) = DoPutRaw(_REMOTE, '/system', 'hello') | |
| 10038 self.assertEqual('405', headers['status']) | |
| 10039 # when there is no body, there is no content-type | |
| 10040 self.assertNotIn('content-type', headers) | |
| 10041 | |
| 10042 # responses with bodies contain x-content-type-options | |
| 10043 if IsOrthancVersionAbove(_REMOTE, 1, 12, 2): | |
| 10044 (headers, body) = DoGetRaw(_REMOTE, '/system') | |
| 10045 self.assertIn('nosniff', headers['x-content-type-options']) |