public function CspOptimizationTest::testDefaultSrcFallback in Content-Security-Policy 8
Test optimizing policy based on directives which fallback to default-src.
@covers ::getHeaderValue @covers ::getDirectiveFallbackList @covers ::reduceSourceList
File
- tests/
src/ Unit/ CspOptimizationTest.php, line 46
Class
- CspOptimizationTest
- Test optimization of CSP directives.
Namespace
Drupal\Tests\csp\UnitCode
public function testDefaultSrcFallback() {
$policy = new Csp();
$policy
->setDirective('default-src', Csp::POLICY_SELF);
// Directives which fallback to default-src.
$policy
->setDirective('script-src', Csp::POLICY_SELF);
$policy
->setDirective('style-src', Csp::POLICY_SELF);
$policy
->setDirective('worker-src', Csp::POLICY_SELF);
$policy
->setDirective('child-src', Csp::POLICY_SELF);
$policy
->setDirective('connect-src', Csp::POLICY_SELF);
$policy
->setDirective('manifest-src', Csp::POLICY_SELF);
$policy
->setDirective('prefetch-src', Csp::POLICY_SELF);
$policy
->setDirective('object-src', Csp::POLICY_SELF);
$policy
->setDirective('frame-src', Csp::POLICY_SELF);
$policy
->setDirective('media-src', Csp::POLICY_SELF);
$policy
->setDirective('font-src', Csp::POLICY_SELF);
$policy
->setDirective('img-src', Csp::POLICY_SELF);
// Directives which do not fallback to default-src.
$policy
->setDirective('base-uri', Csp::POLICY_SELF);
$policy
->setDirective('form-action', Csp::POLICY_SELF);
$policy
->setDirective('frame-ancestors', Csp::POLICY_SELF);
$policy
->setDirective('navigate-to', Csp::POLICY_SELF);
$this
->assertEquals("default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; navigate-to 'self'", $policy
->getHeaderValue());
}