public function SecKitTestCase::testCSPPolicyUriDirectiveOnly in Security Kit 6
Same name and namespace in other branches
- 7 seckit.test \SecKitTestCase::testCSPPolicyUriDirectiveOnly()
Tests Content Security Policy with policy-uri directive. In this case, only policy-uri directive should be present.
File
- ./
seckit.test, line 84 - Tests for Security Kit module.
Class
- SecKitTestCase
- Functional tests for Security Kit.
Code
public function testCSPPolicyUriDirectiveOnly() {
$form = array(
'seckit_xss[csp][checkbox]' => TRUE,
'seckit_xss[csp][default-src]' => '*',
'seckit_xss[csp][script-src]' => '*',
'seckit_xss[csp][object-src]' => '*',
'seckit_xss[csp][img-src]' => '*',
'seckit_xss[csp][media-src]' => '*',
'seckit_xss[csp][style-src]' => '*',
'seckit_xss[csp][frame-src]' => '*',
'seckit_xss[csp][font-src]' => '*',
'seckit_xss[csp][connect-src]' => '*',
'seckit_xss[csp][report-uri]' => 'admin/settings/seckit/csp-report',
'seckit_xss[csp][policy-uri]' => 'csp.xml',
);
$this
->drupalPost('admin/settings/seckit', $form, t('Save configuration'));
$expected = 'policy-uri ' . base_path() . 'csp.xml';
$this
->assertEqual($expected, $this
->drupalGetHeader('Content-Security-Policy'), t('Content-Security-Policy has only policy-uri directive (Official).'));
$this
->assertEqual($expected, $this
->drupalGetHeader('X-Content-Security-Policy'), t('X-Content-Security-Policy has only policy-uri directive (Mozilla and IE10).'));
$this
->assertEqual($expected, $this
->drupalGetHeader('X-WebKit-CSP'), t('X-WebKit-CSP has only policy-uri directive (Chrome and Safari).'));
}