public function CspOptimizationTest::testReduceAttrSourceListUnsafeHash in Content-Security-Policy 8

Hash sources should be allowed with 'unsafe-hashes'.

@covers ::reduceAttrSourceList

File

tests/src/Unit/CspOptimizationTest.php, line 436

Class

CspOptimizationTest: Test optimization of CSP directives.

Namespace

Drupal\Tests\csp\Unit

Code

public function testReduceAttrSourceListUnsafeHash() {
  $policy = new Csp();
  $policy
    ->setDirective('script-src-attr', [
    Csp::POLICY_UNSAFE_INLINE,
    Csp::POLICY_UNSAFE_HASHES,
    "'sha256-BnZSlC9IkS7BVcseRf0CAOmLntfifZIosT2C1OMQ088='",
  ]);
  $this
    ->assertEquals("script-src-attr 'unsafe-inline' 'unsafe-hashes' 'sha256-BnZSlC9IkS7BVcseRf0CAOmLntfifZIosT2C1OMQ088='", $policy
    ->getHeaderValue());
}

You are here

public function CspOptimizationTest::testReduceAttrSourceListUnsafeHash in Content-Security-Policy 8

File

Class

Namespace

Code

API Navigation