public function CspOptimizationTest::testReduceAttrSourceListFallback in Content-Security-Policy 8

Attribute directive shouldn't be included if it matches fallback.

@covers ::reduceAttrSourceList

File

tests/src/Unit/CspOptimizationTest.php, line 517

Class

CspOptimizationTest: Test optimization of CSP directives.

Namespace

Drupal\Tests\csp\Unit

Code

public function testReduceAttrSourceListFallback() {
  $policy = new Csp();
  $directiveValue = [
    Csp::POLICY_SELF,
    'https://example.com',
    Csp::POLICY_UNSAFE_HASHES,
    "'sha256-BnZSlC9IkS7BVcseRf0CAOmLntfifZIosT2C1OMQ088='",
  ];
  $policy
    ->setDirective('script-src', $directiveValue);
  $policy
    ->setDirective('script-src-attr', $directiveValue);
  $this
    ->assertEquals("script-src 'self' https://example.com 'unsafe-hashes' 'sha256-BnZSlC9IkS7BVcseRf0CAOmLntfifZIosT2C1OMQ088='", $policy
    ->getHeaderValue());
}

You are here

public function CspOptimizationTest::testReduceAttrSourceListFallback in Content-Security-Policy 8

File

Class

Namespace

Code

API Navigation