
public function SecKitTestCase::testCSPAllDirectivesEmpty in Security Kit 7

Same name and namespace in other branches
  1. 6 seckit.test \SecKitTestCase::testCSPAllDirectivesEmpty()

Tests Content Security Policy with all directives empty. In this case, the module should fall back to its default values.

File

./seckit.test, line 247
Tests for Security Kit module.

Class

SecKitTestCase
Functional tests for Security Kit.

Code

/**
 * Tests Content Security Policy with all directives empty.
 *
 * Submits the Security Kit settings form with CSP enabled, both
 * vendor-prefixed headers switched off and every directive left blank, then
 * checks the response headers. A blank configuration is expected to produce
 * the default policy ("default-src 'self'" plus the module's report URI)
 * rather than an empty Content-Security-Policy header.
 */
public function testCSPAllDirectivesEmpty() {
  // CSP is enabled; the X- and WebKit-prefixed variants are disabled.
  $edit = array(
    'seckit_xss[csp][checkbox]' => TRUE,
    'seckit_xss[csp][vendor-prefix][x]' => FALSE,
    'seckit_xss[csp][vendor-prefix][webkit]' => FALSE,
  );

  // Every directive field is posted as an empty string, in form order.
  $blank_fields = array(
    'default-src',
    'script-src',
    'object-src',
    'img-src',
    'media-src',
    'style-src',
    'frame-src',
    'frame-ancestors',
    'child-src',
    'font-src',
    'connect-src',
    'report-uri',
    'policy-uri',
  );
  foreach ($blank_fields as $field) {
    $edit['seckit_xss[csp][' . $field . ']'] = '';
  }

  $this->drupalPost('admin/config/system/seckit', $edit, t('Save configuration'));

  // The fallback policy restricts sources to the site's own origin and
  // reports violations to the module's reporting path under the base path.
  $default_policy = "default-src 'self'; report-uri " . base_path() . SECKIT_CSP_REPORT_URL;
  $csp_header = $this->drupalGetHeader('Content-Security-Policy');
  $this->assertEqual($default_policy, $csp_header, t('Content-Security-Policy has default directive.'));

  // Neither vendor-prefixed header may be sent, since both were disabled.
  $x_csp_header = $this->drupalGetHeader('X-Content-Security-Policy');
  $this->assertFalse($x_csp_header, t('Vendor prefixed X-Content-Security-Policy header is disabled.'));

  $webkit_csp_header = $this->drupalGetHeader('X-WebKit-CSP');
  $this->assertFalse($webkit_csp_header, t('Vendor prefixed X-Webkit-CSP header is disabled.'));
}