Beispiel #1
0
 def testDirective_getType(self):
     assert Directive("default-src", []).getType() == "default-src"
     assert Directive.INLINE_STYLE_BASE_RESTRICTION().getType(
     ) == "style-src"
     assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().getType(
     ) == "script-src"
     assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().getType(
     ) == "script-src"
Beispiel #2
0
 def testDirective_withoutPaths(self):
     withPaths = Directive(
         "script-src",
         [DirectiveTest.sampleSrcExpr2,
          SelfSourceExpression.SELF()])
     withoutPaths = Directive("script-src", [
         DirectiveTest.sampleSrcExpr2.removePath(),
         SelfSourceExpression.SELF()
     ])
     assert withPaths.withoutPaths() == withoutPaths
     assert withoutPaths.withoutPaths() == withoutPaths
     assert Directive.INVALID().withoutPaths() == Directive.INVALID()
     assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().withoutPaths(
     ) == Directive.EVAL_SCRIPT_BASE_RESTRICTION()
     assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().withoutPaths(
     ) == Directive.INLINE_SCRIPT_BASE_RESTRICTION()
     assert Directive.INLINE_STYLE_BASE_RESTRICTION().withoutPaths(
     ) == Directive.INLINE_STYLE_BASE_RESTRICTION()
Beispiel #3
0
 def testDirective_isRegularDirective(self):
     assert Directive.INVALID().isRegularDirective() == False
     assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().isRegularDirective(
     ) == False
     assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().isRegularDirective(
     ) == False
     assert Directive.INLINE_STYLE_BASE_RESTRICTION().isRegularDirective(
     ) == False
     assert Directive("default-src", []).isRegularDirective() == True
Beispiel #4
0
 def testDirective_asBasicDirectives_single(self):
     assert Directive.INVALID().asBasicDirectives() == set([])
     assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().asBasicDirectives(
     ) == set([])
     assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().asBasicDirectives(
     ) == set([])
     assert Directive.INLINE_STYLE_BASE_RESTRICTION().asBasicDirectives(
     ) == set([])
     sampleDirective = Directive("img-src", [DirectiveTest.sampleSrcExpr1b])
     assert sampleDirective.asBasicDirectives() == set([sampleDirective])
Beispiel #5
0
 def testDirective_matches_special(self):
     """An invalid/special directive matches nothing."""
     selfURI = DirectiveTest.sampleURI2
     assert not Directive.INVALID().matches(URI.EMPTY(), selfURI)
     assert not Directive.INVALID().matches(URI.INVALID(), selfURI)
     assert not Directive.INVALID().matches(URI.INLINE(), selfURI)
     assert not Directive.INVALID().matches(URI.EVAL(), selfURI)
     assert not Directive.INVALID().matches(DirectiveTest.sampleURI1,
                                            selfURI)
     assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
         URI.EMPTY(), selfURI)
     assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
         URI.INVALID(), selfURI)
     assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
         URI.INLINE(), selfURI)
     assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
         URI.EVAL(), selfURI)
     assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
         DirectiveTest.sampleURI1, selfURI)
     assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
         URI.EMPTY(), selfURI)
     assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
         URI.INVALID(), selfURI)
     assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
         URI.INLINE(), selfURI)
     assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
         URI.EVAL(), selfURI)
     assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
         DirectiveTest.sampleURI1, selfURI)
     assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
         URI.EMPTY(), selfURI)
     assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
         URI.INVALID(), selfURI)
     assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
         URI.INLINE(), selfURI)
     assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
         URI.EVAL(), selfURI)
     assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
         DirectiveTest.sampleURI1, selfURI)
Beispiel #6
0
 def testDirectiveParser_parse_inlineScriptBaseRestriction(self):
     """The Firefox value 'inline script base restriction' for the 'violated-directive' field is parsed
     correctly."""
     firefoxViolatedDirective = "inline script base restriction"
     assert DirectiveParser().parse(firefoxViolatedDirective) \
             == Directive.INLINE_SCRIPT_BASE_RESTRICTION()
Beispiel #7
0
 def testDirective_str_inlineScriptBaseRestriction(self):
     assert str(Directive.INLINE_SCRIPT_BASE_RESTRICTION()
                ) == "inline script base restriction"
Beispiel #8
0
 def testDirective_generateDirective_inline_special_script(self):
     violated = Directive.INLINE_SCRIPT_BASE_RESTRICTION()
     generated = violated.generateDirective("inline",
                                            DirectiveTest.sampleURI1)
     assert generated == Directive("script-src",
                                   [SourceExpression.UNSAFE_INLINE()])