View source
<?php
namespace Drupal\Tests\csp\Unit;
use Drupal\csp\Csp;
use Drupal\Tests\UnitTestCase;
class CspFirefoxBugTest extends UnitTestCase {
public function testEmptyDefault() {
$policy = new Csp();
$policy
->setDirective('script-src', [
Csp::POLICY_STRICT_DYNAMIC,
"'nonce-abc'",
]);
$policy
->setDirective('style-src', [
Csp::POLICY_SELF,
"'hash-abc'",
]);
$this
->assertEquals("script-src 'strict-dynamic' 'nonce-abc'; style-src 'self' 'hash-abc'", $policy
->getHeaderValue());
}
public function testStrictDynamic() {
$policy = new Csp();
$policy
->setDirective('default-src', [
Csp::POLICY_STRICT_DYNAMIC,
"'nonce-abc'",
]);
$this
->assertEquals("default-src 'strict-dynamic' 'nonce-abc'; script-src 'strict-dynamic' 'nonce-abc'; style-src 'nonce-abc'", $policy
->getHeaderValue());
}
public function testNonce() {
$policy = new Csp();
$policy
->setDirective('default-src', [
Csp::POLICY_SELF,
"'nonce-abc'",
]);
$this
->assertEquals("default-src 'self' 'nonce-abc'; script-src 'self' 'nonce-abc'; style-src 'self' 'nonce-abc'", $policy
->getHeaderValue());
}
public function testHash() {
$policy = new Csp();
$policy
->setDirective('default-src', [
Csp::POLICY_SELF,
"'hash-abc'",
]);
$this
->assertEquals("default-src 'self' 'hash-abc'; script-src 'self' 'hash-abc'; style-src 'self' 'hash-abc'", $policy
->getHeaderValue());
}
public function testSetScriptSrc() {
$policy = new Csp();
$policy
->setDirective('default-src', [
Csp::POLICY_SELF,
"'hash-abc'",
]);
$policy
->setDirective('script-src', [
Csp::POLICY_STRICT_DYNAMIC,
"'nonce-abc'",
]);
$this
->assertEquals("default-src 'self' 'hash-abc'; script-src 'strict-dynamic' 'nonce-abc'; style-src 'self' 'hash-abc'", $policy
->getHeaderValue());
}
public function testSetStyleSrc() {
$policy = new Csp();
$policy
->setDirective('default-src', [
Csp::POLICY_SELF,
Csp::POLICY_STRICT_DYNAMIC,
"'hash-abc'",
]);
$policy
->setDirective('style-src', [
Csp::POLICY_SELF,
]);
$this
->assertEquals("default-src 'self' 'strict-dynamic' 'hash-abc'; script-src 'self' 'strict-dynamic' 'hash-abc'; style-src 'self'", $policy
->getHeaderValue());
}
}