Introduce HSTS header for https_only conf
Change-Id: If2aafcda5478cdfc91a65220542e420ca6893e07
diff --git a/t/subfolder.t b/t/subfolder.t
index 5731e13..d13fdc1 100644
--- a/t/subfolder.t
+++ b/t/subfolder.t
@@ -27,6 +27,7 @@
->element_exists('input[name=handle][value=test]')
->element_exists_not('div.button.top a')
->attr_is('body','data-korap-url','')
+ ->header_exists_not('Strict-Transport-Security')
;
is('kalamar',$t->app->sessions->cookie_name);
@@ -41,7 +42,9 @@
$t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' })
->status_is(302)
- ->header_is('Location' => '/');
+ ->header_is('Location' => '/')
+ ->header_is('Strict-Transport-Security', 'max-age=3600; includeSubDomains')
+ ;
$t->get_ok('/')
->status_is(200)