blob: 0837296922ccf66eb923fc28af314ba10a3063e6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# frozen_string_literal: true
require 'spec_helper'
RSpec.describe 'Google Analytics 4 content security policy', feature_category: :purchase do
include ContentSecurityPolicyHelpers
subject(:csp_header) { response_headers['Content-Security-Policy'] }
it 'includes the GA4 content security policy headers' do
visit root_path
expect(find_csp_directive('script-src', header: csp_header)).to include(
'*.googletagmanager.com'
)
expect(find_csp_directive('connect-src', header: csp_header)).to include(
'*.googletagmanager.com',
'*.google-analytics.com',
'*.analytics.google.com',
'*.g.doubleclick.net'
)
expect(find_csp_directive('img-src', header: csp_header)).to include(
'*.googletagmanager.com',
'*.google-analytics.com',
'*.analytics.google.com',
'*.g.doubleclick.net'
)
end
end
|