public function SecKitTestCase::testCSPUpgradeInsecureRequestsDirectiveOnly in Security Kit 7

Tests Content Security Policy with upgrade-insecure-requests directive. In this case, only upgrade-insecure-requests directive should be present.

File

./seckit.test, line 329: Tests for Security Kit module.

Class

SecKitTestCase: Functional tests for Security Kit.

Code

public function testCSPUpgradeInsecureRequestsDirectiveOnly() {
  $form['seckit_xss[csp][checkbox]'] = TRUE;
  $form['seckit_xss[csp][upgrade-req]'] = TRUE;
  $this
    ->drupalPost('admin/config/system/seckit', $form, t('Save configuration'));
  $expected = "default-src 'self'; report-uri " . base_path() . SECKIT_CSP_REPORT_URL . '; upgrade-insecure-requests';
  $this
    ->assertEqual($expected, $this
    ->drupalGetHeader('Content-Security-Policy'), t('Content-Security-Policy has defaults plus upgrade-insecure-requests.'));
}

You are here

public function SecKitTestCase::testCSPUpgradeInsecureRequestsDirectiveOnly in Security Kit 7

File

Class

Code

API Navigation