def testDirective_generateDirective_incompatibleType(self):
violatedWrongInlineType = Directive("object-src", [])
violatedWrongEvalType = Directive("style-src", [])
assert violatedWrongInlineType.generateDirective(
"inline", DirectiveTest.sampleURI1) == Directive.INVALID()
assert violatedWrongEvalType.generateDirective(
"eval", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_incompatibleURI(self):
violatedRegular = Directive("object-src", [])
violatedInline = Directive("style-src", [])
violatedEval = Directive("script-src", [])
assert violatedRegular.generateDirective("regular", URI.EMPTY()) == Directive.INVALID()
assert violatedRegular.generateDirective("regular", URI.INVALID()) == Directive.INVALID()
#assert violatedInline.generateDirective("inline", DirectiveTest.sampleURI1) == Directive.INVALID()
assert violatedInline.generateDirective("inline", URI.INVALID()) == Directive.INVALID()
#assert violatedEval.generateDirective("eval", DirectiveTest.sampleURI1) == Directive.INVALID()
assert violatedEval.generateDirective("eval", URI.INVALID()) == Directive.INVALID()
def testDirective_generateDirective_incompatibleURI(self):
violatedRegular = Directive("object-src", [])
violatedInline = Directive("style-src", [])
violatedEval = Directive("script-src", [])
assert violatedRegular.generateDirective(
"regular", URI.EMPTY()) == Directive.INVALID()
assert violatedRegular.generateDirective(
"regular", URI.INVALID()) == Directive.INVALID()
#assert violatedInline.generateDirective("inline", DirectiveTest.sampleURI1) == Directive.INVALID()
assert violatedInline.generateDirective(
"inline", URI.INVALID()) == Directive.INVALID()
#assert violatedEval.generateDirective("eval", DirectiveTest.sampleURI1) == Directive.INVALID()
assert violatedEval.generateDirective(
"eval", URI.INVALID()) == Directive.INVALID()
def testDirective_generateDirective_regular(self):
violated = Directive(
"object-src",
[DirectiveTest.sampleSrcExpr1a, DirectiveTest.sampleSrcExpr2])
generated = violated.generateDirective("regular",
DirectiveTest.sampleURI2)
assert generated == Directive(
"object-src",
[URISourceExpression("http", "seclab.ccs.neu.edu", 80, "/path")])
def testDirective_generateDirective_incompatibleType(self):
violatedWrongInlineType = Directive("object-src", [])
violatedWrongEvalType = Directive("style-src", [])
assert violatedWrongInlineType.generateDirective("inline", DirectiveTest.sampleURI1) == Directive.INVALID()
assert violatedWrongEvalType.generateDirective("eval", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_defaultSrcNotAllowed(self):
violated = Directive("default-src", [])
assert violated.generateDirective("regular", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_invalidType(self):
violated = Directive("script-src", [DirectiveTest.sampleSrcExpr1a])
assert violated.generateDirective("evaluate", URI.EMPTY()) == Directive.INVALID()
def testDirective_generateDirective_eval(self):
violated = Directive("script-src", [DirectiveTest.sampleSrcExpr1a])
generated = violated.generateDirective("eval", URI.EMPTY())
assert generated == Directive("script-src", [SourceExpression.UNSAFE_EVAL()])
def testDirective_generateDirective_inline(self):
violated = Directive("style-src", [DirectiveTest.sampleSrcExpr2])
generated = violated.generateDirective("inline", URI.EMPTY())
assert generated == Directive("style-src", [SourceExpression.UNSAFE_INLINE()])
def testDirective_generateDirective_regular(self):
violated = Directive("object-src", [DirectiveTest.sampleSrcExpr1a, DirectiveTest.sampleSrcExpr2])
generated = violated.generateDirective("regular", DirectiveTest.sampleURI2)
assert generated == Directive("object-src", [URISourceExpression("http", "seclab.ccs.neu.edu", 80, "/path")])
def testDirective_generateDirective_defaultSrcNotAllowed(self):
violated = Directive("default-src", [])
assert violated.generateDirective(
"regular", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_invalidType(self):
violated = Directive("script-src", [DirectiveTest.sampleSrcExpr1a])
assert violated.generateDirective("evaluate",
URI.EMPTY()) == Directive.INVALID()
def testDirective_generateDirective_eval(self):
violated = Directive("script-src", [DirectiveTest.sampleSrcExpr1a])
generated = violated.generateDirective("eval", URI.EMPTY())
assert generated == Directive("script-src",
[SourceExpression.UNSAFE_EVAL()])
def testDirective_generateDirective_inline(self):
violated = Directive("style-src", [DirectiveTest.sampleSrcExpr2])
generated = violated.generateDirective("inline", URI.EMPTY())
assert generated == Directive("style-src",
[SourceExpression.UNSAFE_INLINE()])