public function ResponseCspSubscriberTest::testPolicyAlterEvent in Content-Security-Policy 8
Check that Policy Alter events are dispatched.
@covers ::onKernelResponse
File
- tests/
src/ Unit/ EventSubscriber/ ResponseCspSubscriberTest.php, line 114
Class
- ResponseCspSubscriberTest
- @coversDefaultClass \Drupal\csp\EventSubscriber\ResponseCspSubscriber @group csp
Namespace
Drupal\Tests\csp\Unit\EventSubscriberCode
public function testPolicyAlterEvent() {
/** @var \Drupal\Core\Config\ConfigFactoryInterface|\PHPUnit_Framework_MockObject_MockObject $configFactory */
$configFactory = $this
->getConfigFactoryStub([
'system.performance' => [
'css.preprocess' => FALSE,
],
'csp.settings' => [
'report-only' => [
'enable' => TRUE,
'directives' => [
'style-src' => [
'base' => 'any',
],
],
],
'enforce' => [
'enable' => TRUE,
'directives' => [
'script-src' => [
'base' => 'self',
],
],
],
],
]);
$this->eventDispatcher
->expects($this
->exactly(2))
->method('dispatch')
->with($this
->equalTo(CspEvents::POLICY_ALTER), $this
->callback(function ($event) {
$policy = $event
->getPolicy();
return $policy
->hasDirective($policy
->isReportOnly() ? 'style-src' : 'script-src');
}))
->willReturnCallback(function ($eventName, $event) {
$policy = $event
->getPolicy();
$policy
->setDirective('font-src', [
Csp::POLICY_SELF,
]);
});
$this->response->headers
->expects($this
->exactly(2))
->method('set')
->withConsecutive([
$this
->equalTo('Content-Security-Policy-Report-Only'),
$this
->equalTo("font-src 'self'; style-src *"),
], [
$this
->equalTo('Content-Security-Policy'),
$this
->equalTo("font-src 'self'; script-src 'self'"),
]);
$subscriber = new ResponseCspSubscriber($configFactory, $this->libraryPolicy, $this->reportingHandlerPluginManager, $this->eventDispatcher);
$subscriber
->onKernelResponse($this->event);
}