You are here

Home » API reference » Content-Security-Policy 8 » CspFirefoxBugTest.php

class CspFirefoxBugTest in Content-Security-Policy 8

Test Csp handling of Firefox bug #1313937.

@coversDefaultClass \Drupal\csp\Csp @group csp

Hierarchy

Expanded class hierarchy of CspFirefoxBugTest

See also

https://bugzilla.mozilla.org/show_bug.cgi?id=1313937

File

tests/src/Unit/CspFirefoxBugTest.php, line 16

Namespace

Drupal\Tests\csp\Unit
View source 
class CspFirefoxBugTest extends UnitTestCase {

  /**
   * Test that no modifications are made if default-src isn't set.
   *
   * @covers ::ff1313937
   */
  public function testEmptyDefault() {
    $policy = new Csp();
    $policy
      ->setDirective('script-src', [
      Csp::POLICY_STRICT_DYNAMIC,
      "'nonce-abc'",
    ]);
    $policy
      ->setDirective('style-src', [
      Csp::POLICY_SELF,
      "'hash-abc'",
    ]);
    $this
      ->assertEquals("script-src 'strict-dynamic' 'nonce-abc'; style-src 'self' 'hash-abc'", $policy
      ->getHeaderValue());
  }

  /**
   * Test that 'strict-dynamic' directive is copied from default-src.
   *
   * @covers ::ff1313937
   */
  public function testStrictDynamic() {
    $policy = new Csp();
    $policy
      ->setDirective('default-src', [
      Csp::POLICY_STRICT_DYNAMIC,
      "'nonce-abc'",
    ]);
    $this
      ->assertEquals("default-src 'strict-dynamic' 'nonce-abc'; script-src 'strict-dynamic' 'nonce-abc'; style-src 'nonce-abc'", $policy
      ->getHeaderValue());
  }

  /**
   * Test that nonce directives are copied from default-src.
   *
   * @covers ::ff1313937
   */
  public function testNonce() {
    $policy = new Csp();
    $policy
      ->setDirective('default-src', [
      Csp::POLICY_SELF,
      "'nonce-abc'",
    ]);
    $this
      ->assertEquals("default-src 'self' 'nonce-abc'; script-src 'self' 'nonce-abc'; style-src 'self' 'nonce-abc'", $policy
      ->getHeaderValue());
  }

  /**
   * Test that hash directives are copied from default-src.
   *
   * @covers ::ff1313937
   */
  public function testHash() {
    $policy = new Csp();
    $policy
      ->setDirective('default-src', [
      Csp::POLICY_SELF,
      "'hash-abc'",
    ]);
    $this
      ->assertEquals("default-src 'self' 'hash-abc'; script-src 'self' 'hash-abc'; style-src 'self' 'hash-abc'", $policy
      ->getHeaderValue());
  }

  /**
   * Test that directives are not copied if more specific directive set.
   *
   * @covers ::ff1313937
   */
  public function testSetScriptSrc() {
    $policy = new Csp();
    $policy
      ->setDirective('default-src', [
      Csp::POLICY_SELF,
      "'hash-abc'",
    ]);
    $policy
      ->setDirective('script-src', [
      Csp::POLICY_STRICT_DYNAMIC,
      "'nonce-abc'",
    ]);
    $this
      ->assertEquals("default-src 'self' 'hash-abc'; script-src 'strict-dynamic' 'nonce-abc'; style-src 'self' 'hash-abc'", $policy
      ->getHeaderValue());
  }

  /**
   * Test that directives are not copied if more specific directive set.
   *
   * @covers ::ff1313937
   */
  public function testSetStyleSrc() {
    $policy = new Csp();
    $policy
      ->setDirective('default-src', [
      Csp::POLICY_SELF,
      Csp::POLICY_STRICT_DYNAMIC,
      "'hash-abc'",
    ]);
    $policy
      ->setDirective('style-src', [
      Csp::POLICY_SELF,
    ]);
    $this
      ->assertEquals("default-src 'self' 'strict-dynamic' 'hash-abc'; script-src 'self' 'strict-dynamic' 'hash-abc'; style-src 'self'", $policy
      ->getHeaderValue());
  }

}

Members

Namesort descending Modifiers Type Description Overrides
CspFirefoxBugTest::testEmptyDefault public function Test that no modifications are made if default-src isn't set.
CspFirefoxBugTest::testHash public function Test that hash directives are copied from default-src.
CspFirefoxBugTest::testNonce public function Test that nonce directives are copied from default-src.
CspFirefoxBugTest::testSetScriptSrc public function Test that directives are not copied if more specific directive set.
CspFirefoxBugTest::testSetStyleSrc public function Test that directives are not copied if more specific directive set.
CspFirefoxBugTest::testStrictDynamic public function Test that 'strict-dynamic' directive is copied from default-src.
PhpunitCompatibilityTrait::getMock Deprecated public function Returns a mock object for the specified class using the available method.
PhpunitCompatibilityTrait::setExpectedException Deprecated public function Compatibility layer for PHPUnit 6 to support PHPUnit 4 code.
UnitTestCase::$randomGenerator protected property The random generator.
UnitTestCase::$root protected property The app root. 1
UnitTestCase::assertArrayEquals protected function Asserts if two arrays are equal by sorting them first.
UnitTestCase::getBlockMockWithMachineName Deprecated protected function Mocks a block with a block plugin. 1
UnitTestCase::getClassResolverStub protected function Returns a stub class resolver.
UnitTestCase::getConfigFactoryStub public function Returns a stub config factory that behaves according to the passed array.
UnitTestCase::getConfigStorageStub public function Returns a stub config storage that returns the supplied configuration.
UnitTestCase::getContainerWithCacheTagsInvalidator protected function Sets up a container with a cache tags invalidator.
UnitTestCase::getRandomGenerator protected function Gets the random generator for the utility methods.
UnitTestCase::getStringTranslationStub public function Returns a stub translation manager that just returns the passed string.
UnitTestCase::randomMachineName public function Generates a unique random string containing letters and numbers.
UnitTestCase::setUp protected function 340