public function CspTest::testFallbackAwareAppendIfEnabledNone in Content-Security-Policy 8

Appending to a directive if its fallback includes 'none'.

@covers ::fallbackAwareAppendIfEnabled

File

tests/src/Unit/CspTest.php, line 326

Class

CspTest: Test manipulating directives in a policy.

Namespace

Drupal\Tests\csp\Unit

Code

public function testFallbackAwareAppendIfEnabledNone() {

  // New directive should be enabled with only provided value.
  $policy = new Csp();
  $policy
    ->setDirective('default-src', Csp::POLICY_NONE);
  $policy
    ->fallbackAwareAppendIfEnabled('script-src-attr', Csp::POLICY_UNSAFE_INLINE);
  $this
    ->assertEquals([
    Csp::POLICY_NONE,
  ], $policy
    ->getDirective('default-src'));
  $this
    ->assertFalse($policy
    ->hasDirective('script-src'));
  $this
    ->assertEquals([
    Csp::POLICY_UNSAFE_INLINE,
  ], $policy
    ->getDirective('script-src-attr'));

  // Additional values in fallback should be ignored if 'none' is present.
  $policy = new Csp();
  $policy
    ->setDirective('script-src', [
    Csp::POLICY_NONE,
    'https://example.org',
  ]);
  $policy
    ->fallbackAwareAppendIfEnabled('script-src-attr', Csp::POLICY_UNSAFE_INLINE);
  $this
    ->assertEquals([
    Csp::POLICY_UNSAFE_INLINE,
  ], $policy
    ->getDirective('script-src-attr'));
}

You are here

public function CspTest::testFallbackAwareAppendIfEnabledNone in Content-Security-Policy 8

File

Class

Namespace

Code

API Navigation