Description
Need to add the property falcon.security.csrf.header to startup properties when testing custom header for CSRF filter.
Tests run: 5, Failures: 2, Errors: 0, Skipped: 0, Time elapsed: 1.186 sec <<< FAILURE! - in org.apache.falcon.security.FalconCSRFFilterTest
testCSRFEnabledIncludeCustomHeaderFromBrowser(org.apache.falcon.security.FalconCSRFFilterTest) Time elapsed: 0.012 sec <<< FAILURE!
org.mockito.exceptions.verification.NeverWantedButInvoked:
mockResponse.sendError(
403,
"Missing Required Header for CSRF Vulnerability Protection"
);
Never wanted here:
-> at org.apache.falcon.security.FalconCSRFFilterTest.testCSRFEnabledIncludeCustomHeaderFromBrowser(FalconCSRFFilterTest.java:83)
But invoked here:
-> at org.apache.falcon.security.RestCsrfPreventionFilter$ServletFilterHttpInteraction.sendError(RestCsrfPreventionFilter.java:173)
at org.apache.falcon.security.FalconCSRFFilterTest.testCSRFEnabledIncludeCustomHeaderFromBrowser(FalconCSRFFilterTest.java:83)
testCSRFEnabledNoCustomHeaderFromBrowser(org.apache.falcon.security.FalconCSRFFilterTest) Time elapsed: 0.003 sec <<< FAILURE!
org.mockito.exceptions.verification.TooManyActualInvocations:
mockResponse.sendError(
403,
"Missing Required Header for CSRF Vulnerability Protection"
);
Wanted 1 time:
-> at org.apache.falcon.security.FalconCSRFFilterTest.testCSRFEnabledNoCustomHeaderFromBrowser(FalconCSRFFilterTest.java:73)
But was 2 times. Undesired invocation:
-> at org.apache.falcon.security.RestCsrfPreventionFilter$ServletFilterHttpInteraction.sendError(RestCsrfPreventionFilter.java:173)
at org.apache.falcon.security.FalconCSRFFilterTest.testCSRFEnabledNoCustomHeaderFromBrowser(FalconCSRFFilterTest.java:73)
Attachments
Issue Links
- relates to
-
FALCON-2082 Add CSRF filter for REST APIs
- Resolved
- links to