inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged 5.1.N (5.1.3) to 5.2.N (5.2.1)

Browse Source 
135682 jvonka: Merged 5.0.N (5.0.5) to 5.1.N (5.1.3)
      135680 jvonka: Merged V4.2-BUG-FIX (4.2.8) to 5.0.N (5.0.5)
         135657 jvonka: Merged 5.0.N (5.0.5) to V4.2-BUG-FIX (4.2.8)
             REPO-2110 / MNT-17477: CMIS: SXSS+CSRF vulnerability (browser binding)
                  - tweak test (for unexpected NPE in 4.2)
                  - resolve backport conflict


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@135684 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2017-03-07 16:26:57 +00:00
parent 33d670788f
commit 32f51213e7
1 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
source/test-java/org/alfresco/rest/api/tests/TestCMIS.java
View File

@@ -2381,22 +2381,22 @@ public class TestCMIS extends EnterpriseTestApi
// note: Content-Disposition can be "inline or "attachment" for content types that are white-listed (eg. specific image types & pdf)
HttpResponse response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name, null);
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("inline"));
HttpResponse response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name+"?download=inline", null);
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("inline"));
assertEquals(200, response.getStatusCode());
response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name+"?download=attachment", null);
response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name+"?download=inline", null);
assertEquals(200, response.getStatusCode());
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("inline"));
response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name+"?download=attachment", null);
assertEquals(200, response.getStatusCode());
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("attachment"));
assertEquals(200, response.getStatusCode());
// note: AtomPub binding (via OpenCMIS) does not support "download" query parameter
response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/atom/content?id="+docId, null);
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("attachment"));
response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/atom/content?id="+docId, null);
assertEquals(200, response.getStatusCode());
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("attachment"));
//
// Create test HTML document
@@ -2423,16 +2423,16 @@ public class TestCMIS extends EnterpriseTestApi
// note: Content-Disposition will always be "attachment" for content types that are not white-listed
response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name, null);
response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name, null);
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("attachment;"));
assertEquals(200, response.getStatusCode());
response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name+"?download=inline", null);
response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/browser/root/Shared/"+name+"?download=inline", null);
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("attachment;"));
assertEquals(200, response.getStatusCode());
// note: AtomPub binding (via OpenCMIS) does not support "download" query parameter
response = publicApiClient.get(network1.getId()+"/public/cmis/versions/1.1/atom/content?id="+docId, null);
response = publicApiClient.get("/"+network1.getId()+"/public/cmis/versions/1.1/atom/content?id="+docId, null);
assertTrue(response.getHeaders().get("Content-Disposition").startsWith("attachment;"));
assertEquals(200, response.getStatusCode());
}