claw/flaskpaste
1
0
Fork 1
forked from username/flaskpaste
Code Pull Requests Activity

refactor: code consistency and best practices

Browse Source 
- add type hints to error handlers in app/__init__.py
- add docstrings to nested callback functions
- remove deprecated X-XSS-Protection header (superseded by CSP)
- fix typo in cleanup log message (entr(ies) -> entries)
- standardize loop variable naming in fpaste CLI
- update test for intentional header removal
This commit is contained in:
Username
2025-12-22 00:25:18 +01:00
parent 028367d803
commit 680b068c00
4 changed files with 30 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/test_security.py
View File

@@ -16,10 +16,10 @@ class TestSecurityHeaders:
response = client.get("/")
assert response.headers.get("X-Frame-Options") == "DENY"
def test_x_xss_protection(self, client):
"""X-XSS-Protection header is set."""
def test_x_xss_protection_not_present(self, client):
"""X-XSS-Protection header is not set (deprecated, superseded by CSP)."""
response = client.get("/")
assert response.headers.get("X-XSS-Protection") == "1; mode=block"
assert response.headers.get("X-XSS-Protection") is None
def test_content_security_policy(self, client):
"""Content-Security-Policy header is set."""