phonecalls: remove X-Frame-Options on newtab (#76162)
gitea/passerelle/pipeline/head This commit looks good
Details
gitea/passerelle/pipeline/head This commit looks good
Details
This commit is contained in:
parent
8f707e90cb
commit
d0c271ac41
|
@ -72,7 +72,8 @@ class PhoneCalls(BaseResource):
|
||||||
|
|
||||||
# open agent's portal in a new tab
|
# open agent's portal in a new tab
|
||||||
if newtab and redirect_url:
|
if newtab and redirect_url:
|
||||||
return render(request, 'phonecalls/start_call_newtab.html', {'redirect_url': redirect_url})
|
response = render(request, 'phonecalls/start_call_newtab.html', {'redirect_url': redirect_url})
|
||||||
|
response.xframe_options_exempt = True
|
||||||
return response
|
return response
|
||||||
|
|
||||||
@endpoint(
|
@endpoint(
|
||||||
|
|
|
@ -193,6 +193,7 @@ def test_phonecalls_start_newtab(app, phonecalls):
|
||||||
params={'apikey': '123', 'callee': '42', 'caller': '0612345678', 'newtab': '1'},
|
params={'apikey': '123', 'callee': '42', 'caller': '0612345678', 'newtab': '1'},
|
||||||
)
|
)
|
||||||
assert resp.content_type == 'text/html'
|
assert resp.content_type == 'text/html'
|
||||||
|
assert 'X-Frame-Options' not in resp.headers
|
||||||
assert 'window.open("https://portail\\u002Dagent.publik/?callee\\u003D42")' in resp.text
|
assert 'window.open("https://portail\\u002Dagent.publik/?callee\\u003D42")' in resp.text
|
||||||
assert Call.objects.filter(callee='42', caller='0612345678').count() == 1
|
assert Call.objects.filter(callee='42', caller='0612345678').count() == 1
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue