entrouvert
/
passerelle
15
0
Fork 0
Code Issues Pull Requests 14 Releases Activity

phonecalls: remove X-Frame-Options on newtab (#76162)
gitea/passerelle/pipeline/head This commit looks good Details

This commit is contained in:
Thomas NOËL 2023-04-04 10:57:13 +02:00 committed by Thomas NOËL
parent 8f707e90cb
commit d0c271ac41
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
passerelle/apps/phonecalls/models.py
View File

@ -72,7 +72,8 @@ class PhoneCalls(BaseResource):
# open agent's portal in a new tab
if newtab and redirect_url:
return render(request, 'phonecalls/start_call_newtab.html', {'redirect_url': redirect_url})
response = render(request, 'phonecalls/start_call_newtab.html', {'redirect_url': redirect_url})
response.xframe_options_exempt = True
return response
@endpoint(

1
tests/test_phonecalls.py
View File

@ -193,6 +193,7 @@ def test_phonecalls_start_newtab(app, phonecalls):
params={'apikey': '123', 'callee': '42', 'caller': '0612345678', 'newtab': '1'},
)
assert resp.content_type == 'text/html'
assert 'X-Frame-Options' not in resp.headers
assert 'window.open("https://portail\\u002Dagent.publik/?callee\\u003D42")' in resp.text
assert Call.objects.filter(callee='42', caller='0612345678').count() == 1