diff options
Diffstat (limited to 'spec/requests/ide_controller_spec.rb')
-rw-r--r-- | spec/requests/ide_controller_spec.rb | 21 |
1 files changed, 5 insertions, 16 deletions
diff --git a/spec/requests/ide_controller_spec.rb b/spec/requests/ide_controller_spec.rb index fe7210e4372..5b7da9ce84f 100644 --- a/spec/requests/ide_controller_spec.rb +++ b/spec/requests/ide_controller_spec.rb @@ -3,6 +3,7 @@ require 'spec_helper' RSpec.describe IdeController, feature_category: :web_ide do + include ContentSecurityPolicyHelpers using RSpec::Parameterized::TableSyntax let_it_be(:reporter) { create(:user) } @@ -20,18 +21,6 @@ RSpec.describe IdeController, feature_category: :web_ide do let(:user) { creator } - def find_csp_source(key) - csp = response.headers['Content-Security-Policy'] - - # Transform "default-src foo bar; connect-src foo bar; script-src ..." - # into array of values for a single directive based on the given key - csp.split(';') - .map(&:strip) - .find { |entry| entry.starts_with?(key) } - .split(' ') - .drop(1) - end - before do stub_feature_flags(vscode_web_ide: true) sign_in(user) @@ -198,8 +187,8 @@ RSpec.describe IdeController, feature_category: :web_ide do it 'updates the content security policy with the correct frame sources' do subject - expect(find_csp_source('frame-src')).to include("http://www.example.com/assets/webpack/", "https://*.vscode-cdn.net/") - expect(find_csp_source('worker-src')).to include("http://www.example.com/assets/webpack/") + expect(find_csp_directive('frame-src')).to include("http://www.example.com/assets/webpack/", "https://*.vscode-cdn.net/") + expect(find_csp_directive('worker-src')).to include("http://www.example.com/assets/webpack/") end it 'with relative_url_root, updates the content security policy with the correct frame sources' do @@ -207,8 +196,8 @@ RSpec.describe IdeController, feature_category: :web_ide do subject - expect(find_csp_source('frame-src')).to include("http://www.example.com/gitlab/assets/webpack/") - expect(find_csp_source('worker-src')).to include("http://www.example.com/gitlab/assets/webpack/") + expect(find_csp_directive('frame-src')).to include("http://www.example.com/gitlab/assets/webpack/") + expect(find_csp_directive('worker-src')).to include("http://www.example.com/gitlab/assets/webpack/") end end end |