Esempio n. 1
0
 def test_config(self):
     """ Test that the various CSP_REPORTS_X settings correctly control which handlers are
         called.
     """
     mock_paths = [
         "cspreports.utils.email_admins",
         "cspreports.utils.save_report",
         "cspreports.utils.log_report",
     ]
     corresponding_settings = [
         "CSP_REPORTS_EMAIL_ADMINS",
         "CSP_REPORTS_SAVE",
         "CSP_REPORTS_LOG",
     ]
     for i in range(len(mock_paths)):
         mocks = [patch(path) for path in mock_paths]
         settings_overrides = {
             setting: True if j == i else False
             for j, setting in enumerate(corresponding_settings)
         }
         with override_settings(**settings_overrides):
             with mocks[0] as mocked_object_0, mocks[
                     1] as mocked_object_1, mocks[2] as mocked_object_2:
                 mocked_objects = [
                     mocked_object_0, mocked_object_1, mocked_object_2
                 ]
                 request = HttpRequest()
                 utils.process_report(request)
                 for k, mocked_object in enumerate(mocked_objects):
                     if k == i:
                         self.assertTrue(mocked_object.called)
                     else:
                         self.assertFalse(mocked_object.called)
Esempio n. 2
0
 def test_config(self):
     """ Test that the various CSP_REPORTS_X settings correctly control which handlers are called. """
     mock_paths  = [
         "cspreports.utils.email_admins",
         "cspreports.utils.save_report",
         "cspreports.utils.log_report",
     ]
     corresponding_settings = [
         "CSP_REPORTS_EMAIL_ADMINS",
         "CSP_REPORTS_SAVE",
         "CSP_REPORTS_LOG",
     ]
     for i in xrange(len(mock_paths)):
         mocks = [mock.patch(path) for path in mock_paths]
         settings_overrides = {
             setting: True if j == i else False
             for j, setting in enumerate(corresponding_settings)
         }
         with override_settings(**settings_overrides):
             with nested(*mocks) as mocked_objects:
                 request = HttpRequest()
                 utils.process_report(request)
                 for k, mocked_object in enumerate(mocked_objects):
                     if k == i:
                         self.assertTrue(mocked_object.called)
                     else:
                         self.assertFalse(mocked_object.called)
Esempio n. 3
0
 def test_filter_function(self):
     """ Test that setting CSP_REPORTS_FILTER_FUNCTION allows the given function to filter out
         requests.
     """
     report1 = '{"document-uri": "http://not-included.com/"}'
     report2 = '{"document-uri": "http://included.com/"}'
     request = HttpRequest()
     request._body = report1
     with patch('cspreports.utils.log_report') as log_patch:
         utils.process_report(request)
         self.assertFalse(log_patch.called)
         request._body = report2
         utils.process_report(request)
         self.assertTrue(log_patch.called)
Esempio n. 4
0
 def test_run_additional_handlers(self):
     """ Test that the run_additional_handlers function correctly calls each of the specified custom
         handler functions.
     """
     # utils stores a cache of the handlers (for efficiency, so kill that)
     utils._additional_handlers = None
     request = HttpRequest()
     with override_settings(
         CSP_REPORTS_ADDITIONAL_HANDLERS=["cspreports.tests.my_handler"],
         CSP_REPORTS_EMAIL_ADMINS=False,
         CSP_REPORTS_LOG=False,
         CSP_REPORTS_SAVE=False,
     ):
         utils.process_report(request)
         self.assertTrue(request.my_handler_called)
Esempio n. 5
0
 def test_run_additional_handlers(self):
     """ Test that the run_additional_handlers function correctly calls each of the specified custom
         handler functions.
     """
     # utils stores a cache of the handlers (for efficiency, so kill that)
     utils._additional_handlers = None
     request = HttpRequest()
     with override_settings(
             CSP_REPORTS_ADDITIONAL_HANDLERS=[
                 "cspreports.tests.test_utils.my_handler"
             ],
             CSP_REPORTS_EMAIL_ADMINS=False,
             CSP_REPORTS_LOG=False,
             CSP_REPORTS_SAVE=False,
     ):
         utils.process_report(request)
         self.assertTrue(request.my_handler_called)
Esempio n. 6
0
def report_csp(request):
    """ The handler for browsers to send Content Security Policy violation reports to.
        The 'report-uri' in HTTP Content-Security-Policy headers should point to this view.
    """
    process_report(request)
    return HttpResponse('')
Esempio n. 7
0
def report_csp(request):
    """ The handler for browsers to send Content Security Policy violation reports to.
        The 'report-uri' in HTTP Content-Security-Policy headers should point to this view.
    """
    process_report(request)
    return HttpResponse('')