def testPolicy_combinedPolicy_validDefaultSrcOnly(self):
"""Combination of two policies with default directive is possible only if both policies contain
only a default directive."""
pol1 = Policy([PolicyTest.sampleDirective1a])
pol2 = Policy([PolicyTest.sampleDirective9])
expected = Policy([Directive("default-src", [PolicyTest.sampleSourceExpression1,
SourceExpression.UNSAFE_INLINE()])])
assert pol1.combinedPolicy(pol2) == expected
assert pol2.combinedPolicy(pol1) == expected
def testPolicy_combinedPolicy_normal(self):
pol1 = Policy([PolicyTest.sampleDirective6, PolicyTest.sampleDirective2, PolicyTest.sampleDirective3])
pol2 = Policy([PolicyTest.sampleDirective4, PolicyTest.sampleDirective7])
expected = Policy([PolicyTest.sampleDirective6, PolicyTest.sampleDirective3,
Directive("script-src", [SourceExpression.UNSAFE_EVAL(), SourceExpression.UNSAFE_INLINE()])])
assert pol1.combinedPolicy(pol1) == pol1
assert pol2.combinedPolicy(pol2) == pol2
assert pol1.combinedPolicy(pol2) == expected
assert pol2.combinedPolicy(pol1) == expected
def testPolicy_combinedPolicy_validDefaultSrcOnly(self):
"""Combination of two policies with default directive is possible only if both policies contain
only a default directive."""
pol1 = Policy([PolicyTest.sampleDirective1a])
pol2 = Policy([PolicyTest.sampleDirective9])
expected = Policy([
Directive("default-src", [
PolicyTest.sampleSourceExpression1,
SourceExpression.UNSAFE_INLINE()
])
])
assert pol1.combinedPolicy(pol2) == expected
assert pol2.combinedPolicy(pol1) == expected
def testPolicy_combinedPolicy_invalidPolicy(self):
pol = Policy([
PolicyTest.sampleDirective1a, PolicyTest.sampleDirective2,
PolicyTest.sampleDirective3
])
assert pol.combinedPolicy(Policy.INVALID()) == Policy.INVALID()
assert Policy.INVALID().combinedPolicy(pol) == Policy.INVALID()
def testPolicy_combinedPolicy_normal(self):
pol1 = Policy([
PolicyTest.sampleDirective6, PolicyTest.sampleDirective2,
PolicyTest.sampleDirective3
])
pol2 = Policy(
[PolicyTest.sampleDirective4, PolicyTest.sampleDirective7])
expected = Policy([
PolicyTest.sampleDirective6, PolicyTest.sampleDirective3,
Directive("script-src", [
SourceExpression.UNSAFE_EVAL(),
SourceExpression.UNSAFE_INLINE()
])
])
assert pol1.combinedPolicy(pol1) == pol1
assert pol2.combinedPolicy(pol2) == pol2
assert pol1.combinedPolicy(pol2) == expected
assert pol2.combinedPolicy(pol1) == expected
def testPolicy_combinedPolicy_invalidDefaultSrcInOnePolicyOnly(self):
pol1 = Policy([PolicyTest.sampleDirective3])
pol2 = Policy([PolicyTest.sampleDirective9])
assert pol1.combinedPolicy(pol2) == Policy.INVALID()
assert pol2.combinedPolicy(pol1) == Policy.INVALID()
def testPolicy_combinedPolicy_invalidDefaultSrcAndOtherDirective(self):
pol1 = Policy(
[PolicyTest.sampleDirective1a, PolicyTest.sampleDirective3])
pol2 = Policy([PolicyTest.sampleDirective9])
assert pol1.combinedPolicy(pol2) == Policy.INVALID()
assert pol2.combinedPolicy(pol1) == Policy.INVALID()
def testPolicy_combinedPolicy_invalidDefaultSrcInOnePolicyOnly(self):
pol1 = Policy([PolicyTest.sampleDirective3])
pol2 = Policy([PolicyTest.sampleDirective9])
assert pol1.combinedPolicy(pol2) == Policy.INVALID()
assert pol2.combinedPolicy(pol1) == Policy.INVALID()
def testPolicy_combinedPolicy_invalidDefaultSrcAndOtherDirective(self):
pol1 = Policy([PolicyTest.sampleDirective1a, PolicyTest.sampleDirective3])
pol2 = Policy([PolicyTest.sampleDirective9])
assert pol1.combinedPolicy(pol2) == Policy.INVALID()
assert pol2.combinedPolicy(pol1) == Policy.INVALID()
def testPolicy_combinedPolicy_invalidPolicy(self):
pol = Policy([PolicyTest.sampleDirective1a, PolicyTest.sampleDirective2, PolicyTest.sampleDirective3])
assert pol.combinedPolicy(Policy.INVALID()) == Policy.INVALID()
assert Policy.INVALID().combinedPolicy(pol) == Policy.INVALID()