Passive scan unit tests


psiinon

27 July 2016, 08:00:17
to OWASP ZAP Developer Group
I've just submitted PR #471 which adds a rule for testing for SameSite cookies.
As part of that I've implemented some unit tests for that class: https://github.com/psiinon/zap-extensions/blob/edf5af2df7bfbb8affd0eef1146e78068407c76e/test/org/zaproxy/zap/extension/pscanrulesAlpha/CookieSameSiteScannerUnitTest.java
These are the first unit tests we have for passive scan rules, and as I'd like this to become standard practice I'd like feedback on them.
Are they easy enough to understand?
Could the implementation be improved in any way?
Any other comments or suggestions?

Volunteers to write similar tests for our existing passive scan rules also much appreciated ;)

Cheers,

Simon

psiinon

27 July 2016, 11:12:08
to OWASP ZAP Developer Group
I've updated the PR and now the direct link to the unit test file has changed :(
Best just find the file in the PR: https://github.com/zaproxy/zap-extensions/pull/471 :)

psiinon

2 August 2016, 06:44:36
to OWASP ZAP Developer Group
One of the comments on https://github.com/zaproxy/zap-extensions/pull/473 (now outdated, so I don't think I can link to it directly) was a suggestion to introduce a helper method for setting the response headers rather than repeating the same info each time.
I must admit I kind of like seeing the full headers as plain text, but maybe that's because I'm used to looking at them in ZAP ;)
Any preferences for or against using such helper methods?
I'm happy to go with the flow...

psiinon

4 August 2016, 10:38:40
to OWASP ZAP Developer Group
I've updated https://github.com/zaproxy/zap-extensions/pull/473 based on more comments received, and also updated the X-Frame-Options rule to only report issues at LOW threshold if the CSP 'frame-ancestors' element is present.
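An added example, not code from ZAP or from the PRs in this thread, sketching the two checks discussed above against raw response text (so test inputs read as the full headers, as Simon prefers, rather than going through a per-header helper): a SameSite cookie check, and the X-Frame-Options rule that only reports at LOW threshold when a CSP frame-ancestors directive is present. The Threshold enum, function names and the sample response are assumptions, not ZAP's API.

```python
# Added example (not ZAP's own code). The Threshold enum, function names and
# the constructed SAMPLE response below are assumptions for illustration.
from enum import Enum


class Threshold(Enum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3


def parse_response(raw):
    """Split a raw HTTP response into (status_line, [(name, value), ...])."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def cookies_missing_samesite(raw):
    """Return names of cookies set without any SameSite attribute."""
    _, headers = parse_response(raw)
    missing = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        attrs = [part.strip() for part in value.split(";")]
        cookie_name = attrs[0].split("=", 1)[0]
        if not any(a.lower().startswith("samesite=") for a in attrs[1:]):
            missing.append(cookie_name)
    return missing


def xfo_alert(raw, threshold):
    """True if a missing X-Frame-Options header should be reported.

    A CSP frame-ancestors directive covers the same framing risk, so when it
    is present the missing header is reported only at LOW threshold, which is
    the rule behaviour described in the thread for PR #473.
    """
    _, headers = parse_response(raw)
    if any(n == "x-frame-options" for n, _ in headers):
        return False
    has_frame_ancestors = any(
        n == "content-security-policy" and "frame-ancestors" in v.lower()
        for n, v in headers)
    return threshold == Threshold.LOW if has_frame_ancestors else True


# Constructed sample response: one cookie lacks SameSite, CSP restricts framing.
SAMPLE = ("HTTP/1.1 200 OK\r\n"
          "Set-Cookie: session=abc123; Path=/; HttpOnly\r\n"
          "Set-Cookie: pref=dark; SameSite=Lax\r\n"
          "Content-Security-Policy: default-src 'self'; frame-ancestors 'none'\r\n"
          "Content-Type: text/html\r\n\r\n<html></html>")
```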