You are here

public function ResponseCspSubscriberTest::testWithLibraryDirective in Content-Security-Policy 8

Test that library sources are included.

@covers ::onKernelResponse

File

tests/src/Unit/EventSubscriber/ResponseCspSubscriberTest.php, line 428

Class

ResponseCspSubscriberTest
@coversDefaultClass \Drupal\csp\EventSubscriber\ResponseCspSubscriber @group csp

Namespace

Drupal\Tests\csp\Unit\EventSubscriber

Code

public function testWithLibraryDirective() {

  /** @var \Drupal\Core\Config\ConfigFactoryInterface|\PHPUnit_Framework_MockObject_MockObject $configFactory */
  $configFactory = $this
    ->getConfigFactoryStub([
    'system.performance' => [
      'css.preprocess' => TRUE,
    ],
    'csp.settings' => [
      'report-only' => [
        'enable' => TRUE,
        'directives' => [
          'script-src' => [
            'base' => 'any',
            'flags' => [
              'unsafe-inline',
            ],
          ],
          'style-src' => [
            'base' => 'self',
            'flags' => [
              'unsafe-inline',
            ],
          ],
          'style-src-elem' => [
            'base' => 'self',
          ],
        ],
      ],
    ],
  ]);
  $this->libraryPolicy
    ->expects($this
    ->any())
    ->method('getSources')
    ->willReturn([
    'style-src' => [
      'example.com',
    ],
    'style-src-elem' => [
      'example.com',
    ],
  ]);
  $subscriber = new ResponseCspSubscriber($configFactory, $this->libraryPolicy, $this->reportingHandlerPluginManager, $this->eventDispatcher);
  $this->response->headers
    ->expects($this
    ->once())
    ->method('set')
    ->with($this
    ->equalTo('Content-Security-Policy-Report-Only'), $this
    ->equalTo("script-src * 'unsafe-inline'; style-src 'self' 'unsafe-inline' example.com; style-src-elem 'self' example.com"));
  $subscriber
    ->onKernelResponse($this->event);
}