You are here

public function SecKitTestCaseTest::testCspAllDirectivesEmpty in Security Kit 8

Same name and namespace in other branches
  1. 2.x tests/src/Functional/SecKitTestCaseTest.php \Drupal\Tests\seckit\Functional\SecKitTestCaseTest::testCspAllDirectivesEmpty()

Tests Content Security Policy with all directives empty.

In this case, we should revert back to default values.

File

tests/src/Functional/SecKitTestCaseTest.php, line 233

Class

SecKitTestCaseTest
Functional tests for Security Kit.

Namespace

Drupal\Tests\seckit\Functional

Code

public function testCspAllDirectivesEmpty() {
  $form = [
    'seckit_xss[csp][checkbox]' => TRUE,
    'seckit_xss[csp][vendor-prefix][x]' => TRUE,
    'seckit_xss[csp][vendor-prefix][webkit]' => TRUE,
    'seckit_xss[csp][default-src]' => 'self',
    'seckit_xss[csp][script-src]' => '',
    'seckit_xss[csp][object-src]' => '',
    'seckit_xss[csp][img-src]' => '',
    'seckit_xss[csp][media-src]' => '',
    'seckit_xss[csp][style-src]' => '',
    'seckit_xss[csp][frame-src]' => '',
    'seckit_xss[csp][frame-ancestors]' => '',
    'seckit_xss[csp][child-src]' => '',
    'seckit_xss[csp][font-src]' => '',
    'seckit_xss[csp][connect-src]' => '',
    'seckit_xss[csp][report-uri]' => $this->reportPath,
    'seckit_xss[csp][upgrade-req]' => FALSE,
    'seckit_xss[csp][policy-uri]' => '',
  ];
  $this
    ->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
  $expected = "default-src self; report-uri " . base_path() . $this->reportPath;
  $this
    ->assertSession()
    ->responseHeaderEquals('Content-Security-Policy', $expected);
  $this
    ->assertSession()
    ->responseHeaderEquals('X-Content-Security-Policy', $expected);
  $this
    ->assertSession()
    ->responseHeaderEquals('X-WebKit-CSP', $expected);
}