github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-03-30 15:40:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

tests: cover media nosniff header

Browse Source
This commit is contained in:
George Pickett
2026-03-03 12:59:16 -08:00
parent 452698b209
commit bb501cfcb1
2 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
changelog/fragments/pr-30356.md Normal file
View File

@@ -0,0 +1 @@
- Security/Media route: add `X-Content-Type-Options: nosniff` header regression assertions for successful and not-found media responses (#30356) (thanks @13otKmdr)

2
src/media/server.test.ts
View File

@@ -61,6 +61,7 @@ describe("media server", () => {
const file = await writeMediaFile("file1", "hello");
const res = await fetch(mediaUrl("file1"));
expect(res.status).toBe(200);
expect(res.headers.get("x-content-type-options")).toBe("nosniff");
expect(await res.text()).toBe("hello");
await waitForFileRemoval(file);
});
@@ -113,6 +114,7 @@ describe("media server", () => {
it("returns not found for missing media IDs", async () => {
const res = await fetch(mediaUrl("missing-file"));
expect(res.status).toBe(404);
expect(res.headers.get("x-content-type-options")).toBe("nosniff");
expect(await res.text()).toBe("not found");
});