Ejemplo n.º 1
def test_csp_coverage_tween_with_ignored_path(mocker, dummy_request):
    """An ignored path gets the handler's response without a CSP header.

    ``apply_path_filter`` is replaced by a mock that always returns True,
    so this test pins two things only: the tween hands the parsed
    ``ignore_paths`` setting to the filter as a tuple, and it leaves
    ``Content-Security-Policy`` off the response when the filter matches.
    The real path-matching logic is not exercised here.

    Every entry in ``ignore_paths`` is a deliberate exemption from the
    header this tween would otherwise add, so the list deserves review.
    """
    # Patch first: the import below must bind the mock, not the real filter.
    mocker.patch('pyramid_secure_response.csp_coverage.apply_path_filter',
                 return_value=True)

    from pyramid.response import Response
    from pyramid_secure_response import csp_coverage as csp_module

    path_filter = csp_module.apply_path_filter

    settings = {
        'pyramid_secure_response.csp_coverage.enabled': 'True',
        'pyramid_secure_response.csp_coverage.ignore_paths': '\n/humans.txt\n'
    }
    dummy_request.path = '/humans.txt'
    dummy_request.registry.settings = settings

    # Downstream handler stand-in that returns a plain 200 response.
    handler_stub = mocker.stub(name='handler_stub')
    handler_stub.return_value = Response(status=200)

    wrapped = tween(handler_stub, dummy_request.registry)
    response = wrapped(dummy_request)

    # pylint: disable=no-member
    assert handler_stub.call_count == 1
    assert path_filter.call_count == 1
    # Blank lines around the setting value are dropped before filtering.
    path_filter.assert_called_once_with(dummy_request, ('/humans.txt',))
    assert 'Content-Security-Policy' not in response.headers
Ejemplo n.º 2
def test_csp_coverage_tween_default_src_with_scheme_source(
        mocker, dummy_request):
    """A scheme-source ``default_src`` is emitted verbatim in the header.

    ``apply_path_filter`` is spied on rather than replaced, so the real
    filter runs against an empty ignore list and the tween goes on to set
    ``Content-Security-Policy: default-src https:``.

    This pins header formatting, not policy strength: a bare ``https:``
    scheme source restricts the scheme only and allows any HTTPS host.
    """
    from pyramid_secure_response import csp_coverage
    # Spy before use so calls to the real filter are recorded.
    mocker.spy(csp_coverage, 'apply_path_filter')

    from pyramid.response import Response

    spied_filter = csp_coverage.apply_path_filter

    settings = {
        'pyramid_secure_response.csp_coverage.enabled': 'True',
        'pyramid_secure_response.csp_coverage.ignore_paths': '\n',
        'pyramid_secure_response.csp_coverage.default_src': 'https:',
    }
    dummy_request.url = 'https://example.org/'
    dummy_request.registry.settings = settings

    # Downstream handler stand-in that returns a plain 200 response.
    handler_stub = mocker.stub(name='handler_stub')
    handler_stub.return_value = Response(status=200)

    wrapped = tween(handler_stub, dummy_request.registry)
    response = wrapped(dummy_request)

    # pylint: disable=no-member
    assert handler_stub.call_count == 1

    # An ignore_paths value holding only a newline parses to an empty tuple.
    assert spied_filter.call_count == 1
    spied_filter.assert_called_once_with(dummy_request, ())

    assert 'Content-Security-Policy' in response.headers
    policy = response.headers['Content-Security-Policy']
    assert policy == 'default-src https:'
Ejemplo n.º 3
def test_csp_coverage_tween_with_disabled(mocker, dummy_request):
    """With ``enabled`` set to ``'False'`` the tween is a pass-through.

    The handler is still called exactly once, the path filter is never
    consulted, and no ``Content-Security-Policy`` header is added. In
    other words, disabling the feature removes the header for every path.
    """
    # Patch first: the import below must bind the mock, not the real filter.
    mocker.patch('pyramid_secure_response.csp_coverage.apply_path_filter',
                 return_value=True)

    from pyramid.response import Response
    from pyramid_secure_response import csp_coverage as csp_module

    path_filter = csp_module.apply_path_filter

    settings = {
        'pyramid_secure_response.csp_coverage.enabled': 'False'
    }
    dummy_request.registry.settings = settings

    # Downstream handler stand-in that returns a plain 200 response.
    handler_stub = mocker.stub(name='handler_stub')
    handler_stub.return_value = Response(status=200)

    wrapped = tween(handler_stub, dummy_request.registry)
    response = wrapped(dummy_request)

    # pylint: disable=no-member
    assert handler_stub.call_count == 1
    # Zero calls shows the tween checked the enabled flag before filtering.
    assert path_filter.call_count == 0
    assert 'Content-Security-Policy' not in response.headers