upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

add more unit tests for data: as allowed image domain

Browse source
This commit is contained in:
sualko 2015-08-10 12:42:42 +02:00
parent 930841b67a
commit 5590d64612
3 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
tests/lib/appframework/controller/ControllerTest.php
View file

@ -177,7 +177,7 @@ class ControllerTest extends \Test\TestCase {
'test' => 'something',
'Cache-Control' => 'no-cache, must-revalidate',
'Content-Type' => 'application/json; charset=utf-8',
'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self'",
'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self';connect-src 'self';media-src 'self'",
];
$response = $this->controller->customDataResponse(array('hi'));

2
tests/lib/appframework/http/DataResponseTest.php
View file

@ -68,7 +68,7 @@ class DataResponseTest extends \Test\TestCase {
$expectedHeaders = [
'Cache-Control' => 'no-cache, must-revalidate',
'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self'",
'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self';connect-src 'self';media-src 'self'",
];
$expectedHeaders = array_merge($expectedHeaders, $headers);

2
tests/lib/appframework/http/ResponseTest.php
View file

@ -58,7 +58,7 @@ class ResponseTest extends \Test\TestCase {
$this->childResponse->setHeaders($expected);
$headers = $this->childResponse->getHeaders();
$expected['Content-Security-Policy'] = "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self'";
$expected['Content-Security-Policy'] = "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self';connect-src 'self';media-src 'self'";
$this->assertEquals($expected, $headers);
}