Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorJustin Velluppillai <justin@innocraft.com>2021-09-03 03:32:24 +0300
committerGitHub <noreply@github.com>2021-09-03 03:32:24 +0300
commitbb6999df6088aa199045986b973aeedcdc22f58b (patch)
treec8422fc5064d4a7961edfa07efff1eb39457c426 /tests
parentc2791af204f24b1b61ae293af571c1279d0ac3ca (diff)
Provide SecurityPolicy method to allow embedded iframes to fetch their resources (#17955)
Diffstat (limited to 'tests')
-rw-r--r--tests/PHPUnit/Unit/SecurityPolicyTest.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/tests/PHPUnit/Unit/SecurityPolicyTest.php b/tests/PHPUnit/Unit/SecurityPolicyTest.php
index a29db39eab..b1e535ca0e 100644
--- a/tests/PHPUnit/Unit/SecurityPolicyTest.php
+++ b/tests/PHPUnit/Unit/SecurityPolicyTest.php
@@ -18,7 +18,7 @@ use Piwik\Config;
class SecurityPolicyTest extends \PHPUnit\Framework\TestCase
{
private $securityPolicy;
- private $defaultPolicy = "default-src 'self' 'unsafe-inline' 'unsafe-eval'; ";
+ private $defaultPolicy = "default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' 'unsafe-inline' 'unsafe-eval' data:; ";
private $generalConfig;
@@ -63,14 +63,14 @@ class SecurityPolicyTest extends \PHPUnit\Framework\TestCase
public function testCanAppendPolicy() {
$this->securityPolicy->addPolicy('default-src', "'new-policy'");
- $expected = "Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' 'unsafe-eval' 'new-policy'; ";
+ $expected = "Content-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' 'unsafe-eval' 'new-policy'; img-src 'self' 'unsafe-inline' 'unsafe-eval' data:; ";
$this->assertEquals($expected, $this->securityPolicy->createHeaderString());
}
public function testCanOverridePolicy() {
$this->securityPolicy->overridePolicy('default-src', "'self'");
- $expected = "Content-Security-Policy-Report-Only: default-src 'self'; ";
+ $expected = "Content-Security-Policy-Report-Only: default-src 'self'; img-src 'self' 'unsafe-inline' 'unsafe-eval' data:; ";
$this->assertEquals($expected, $this->securityPolicy->createHeaderString());
}
@@ -78,7 +78,7 @@ class SecurityPolicyTest extends \PHPUnit\Framework\TestCase
$this->securityPolicy->removeDirective('default-src');
$this->securityPolicy->addPolicy('script-src', "'self'");
- $expected = "Content-Security-Policy-Report-Only: script-src 'self'; ";
+ $expected = "Content-Security-Policy-Report-Only: img-src 'self' 'unsafe-inline' 'unsafe-eval' data:; script-src 'self'; ";
$this->assertEquals($expected, $this->securityPolicy->createHeaderString());
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 12:43:35 +0300