diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2020-11-17 18:19:03 +0300 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2020-11-18 12:13:36 +0300 |
commit | 9163790b7cc3c566c3d203205359da93e31bb133 (patch) | |
tree | ebf5bb38a9051950a59658cd40ec2c9801821675 /build/integration/sharing_features | |
parent | 5acabcf5cbcb1db92fd9661bc1ed5735ae316323 (diff) |
Set frame-ancestors to none if none are filled
frame-ancestors doesn't fall back to default-src. So when we apply a
very restricted CSP we should make sure to set it to 'none' and not
leave it empty.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'build/integration/sharing_features')
-rw-r--r-- | build/integration/sharing_features/sharing-v1.feature | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/build/integration/sharing_features/sharing-v1.feature b/build/integration/sharing_features/sharing-v1.feature index b5b4f5341af..00a754d54d3 100644 --- a/build/integration/sharing_features/sharing-v1.feature +++ b/build/integration/sharing_features/sharing-v1.feature @@ -14,7 +14,7 @@ Feature: sharing Then the OCS status code should be "100" And the HTTP status code should be "200" And The following headers should be set - | Content-Security-Policy | default-src 'none';base-uri 'none';manifest-src 'self' | + | Content-Security-Policy | default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none' | Scenario: Creating a share with a group Given user "user0" exists |