You are here

public function SecKitTestCase::testReportOnlyCSP in Security Kit 6

Same name and namespace in other branches
  1. 7 seckit.test \SecKitTestCase::testReportOnlyCSP()

Tests Content Security Policy in report-only mode.

File

./seckit.test, line 141
Tests for Security Kit module.

Class

SecKitTestCase
Functional tests for Security Kit.

Code

public function testReportOnlyCSP() {
  $form['seckit_xss[csp][checkbox]'] = TRUE;
  $form['seckit_xss[csp][report-only]'] = TRUE;
  $this
    ->drupalPost('admin/settings/seckit', $form, t('Save configuration'));
  $this
    ->assertTrue($this
    ->drupalGetHeader('Content-Security-Policy-Report-Only'), t('Content Security Policy is in report-only mode (Official).'));
  $this
    ->assertTrue($this
    ->drupalGetHeader('X-Content-Security-Policy-Report-Only'), t('Content Security Policy is in report-only mode (Mozilla and IE10).'));
  $this
    ->assertTrue($this
    ->drupalGetHeader('X-WebKit-CSP-Report-Only'), t('Content Security Policy is in report-only mode (Chrome and Safari).'));
}