1+ /**
2+ * Licensed to the Apache Software Foundation (ASF) under one or more
3+ * contributor license agreements. See the NOTICE file distributed with this
4+ * work for additional information regarding copyright ownership. The ASF
5+ * licenses this file to you under the Apache License, Version 2.0 (the
6+ * "License"); you may not use this file except in compliance with the License.
7+ * You may obtain a copy of the License at
8+ * <p>
9+ * http://www.apache.org/licenses/LICENSE-2.0
10+ * <p>
11+ * Unless required by applicable law or agreed to in writing, software
12+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14+ * License for the specific language governing permissions and limitations under
15+ * the License.
16+ */
17+
18+ package org .apache .hadoop .hdfs .qjournal .server ;
19+
20+ import java .io .IOException ;
21+ import java .net .HttpURLConnection ;
22+ import java .net .URL ;
23+
24+ import org .junit .After ;
25+ import org .junit .Assert ;
26+ import org .junit .Test ;
27+
28+ import org .apache .hadoop .conf .Configuration ;
29+ import org .apache .hadoop .hdfs .DFSConfigKeys ;
30+ import org .apache .hadoop .hdfs .qjournal .MiniJournalCluster ;
31+ import org .apache .hadoop .http .HttpServer2 ;
32+
33+ /**
34+ * Test that X-Frame-Options works correctly with JournalNodeHttpServer.
35+ */
36+ public class TestJournalNodeHttpServerXFrame {
37+
38+ private static final int NUM_JN = 1 ;
39+
40+ private MiniJournalCluster cluster ;
41+
42+ @ Test
43+ public void testJournalNodeXFrameOptionsEnabled () throws Exception {
44+ boolean xFrameEnabled = true ;
45+ cluster = createCluster (xFrameEnabled );
46+ HttpURLConnection conn = getConn (cluster );
47+ String xfoHeader = conn .getHeaderField ("X-FRAME-OPTIONS" );
48+ Assert .assertTrue ("X-FRAME-OPTIONS is absent in the header" , xfoHeader != null );
49+ Assert .assertTrue (xfoHeader .endsWith (HttpServer2 .XFrameOption .SAMEORIGIN .toString ()));
50+ }
51+
52+ @ Test
53+ public void testJournalNodeXFrameOptionsDisabled () throws Exception {
54+ boolean xFrameEnabled = false ;
55+ cluster = createCluster (xFrameEnabled );
56+ HttpURLConnection conn = getConn (cluster );
57+ String xfoHeader = conn .getHeaderField ("X-FRAME-OPTIONS" );
58+ System .out .println (xfoHeader );
59+ Assert .assertTrue ("unexpected X-FRAME-OPTION in header" , xfoHeader == null );
60+ }
61+
62+ @ After
63+ public void cleanup () throws IOException {
64+ if (cluster != null ) {
65+ cluster .shutdown ();
66+ cluster = null ;
67+ }
68+ }
69+
70+ private static MiniJournalCluster createCluster (boolean enabled ) throws IOException {
71+ Configuration conf = new Configuration ();
72+ conf .setBoolean (DFSConfigKeys .DFS_XFRAME_OPTION_ENABLED , enabled );
73+ MiniJournalCluster jCluster =
74+ new MiniJournalCluster .Builder (conf ).format (true ).numJournalNodes (NUM_JN ).build ();
75+ jCluster .waitActive ();
76+ return jCluster ;
77+ }
78+
79+ private static HttpURLConnection getConn (MiniJournalCluster journalCluster ) throws IOException {
80+ JournalNode journalNode = journalCluster .getJournalNode (0 );
81+ URL newURL = new URL (journalNode .getHttpServerURI ());
82+ HttpURLConnection conn = (HttpURLConnection ) newURL .openConnection ();
83+ conn .connect ();
84+ return conn ;
85+ }
86+ }
0 commit comments