def testDirective_getType(self): assert Directive("default-src", []).getType() == "default-src" assert Directive.INLINE_STYLE_BASE_RESTRICTION().getType( ) == "style-src" assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().getType( ) == "script-src" assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().getType( ) == "script-src"
def testDirective_withoutPaths(self): withPaths = Directive( "script-src", [DirectiveTest.sampleSrcExpr2, SelfSourceExpression.SELF()]) withoutPaths = Directive("script-src", [ DirectiveTest.sampleSrcExpr2.removePath(), SelfSourceExpression.SELF() ]) assert withPaths.withoutPaths() == withoutPaths assert withoutPaths.withoutPaths() == withoutPaths assert Directive.INVALID().withoutPaths() == Directive.INVALID() assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().withoutPaths( ) == Directive.EVAL_SCRIPT_BASE_RESTRICTION() assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().withoutPaths( ) == Directive.INLINE_SCRIPT_BASE_RESTRICTION() assert Directive.INLINE_STYLE_BASE_RESTRICTION().withoutPaths( ) == Directive.INLINE_STYLE_BASE_RESTRICTION()
def testDirective_isRegularDirective(self): assert Directive.INVALID().isRegularDirective() == False assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().isRegularDirective( ) == False assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().isRegularDirective( ) == False assert Directive.INLINE_STYLE_BASE_RESTRICTION().isRegularDirective( ) == False assert Directive("default-src", []).isRegularDirective() == True
def testDirective_asBasicDirectives_single(self): assert Directive.INVALID().asBasicDirectives() == set([]) assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().asBasicDirectives( ) == set([]) assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().asBasicDirectives( ) == set([]) assert Directive.INLINE_STYLE_BASE_RESTRICTION().asBasicDirectives( ) == set([]) sampleDirective = Directive("img-src", [DirectiveTest.sampleSrcExpr1b]) assert sampleDirective.asBasicDirectives() == set([sampleDirective])
def testDirective_matches_special(self): """An invalid/special directive matches nothing.""" selfURI = DirectiveTest.sampleURI2 assert not Directive.INVALID().matches(URI.EMPTY(), selfURI) assert not Directive.INVALID().matches(URI.INVALID(), selfURI) assert not Directive.INVALID().matches(URI.INLINE(), selfURI) assert not Directive.INVALID().matches(URI.EVAL(), selfURI) assert not Directive.INVALID().matches(DirectiveTest.sampleURI1, selfURI) assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches( URI.EMPTY(), selfURI) assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches( URI.INVALID(), selfURI) assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches( URI.INLINE(), selfURI) assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches( URI.EVAL(), selfURI) assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches( DirectiveTest.sampleURI1, selfURI) assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches( URI.EMPTY(), selfURI) assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches( URI.INVALID(), selfURI) assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches( URI.INLINE(), selfURI) assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches( URI.EVAL(), selfURI) assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches( DirectiveTest.sampleURI1, selfURI) assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches( URI.EMPTY(), selfURI) assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches( URI.INVALID(), selfURI) assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches( URI.INLINE(), selfURI) assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches( URI.EVAL(), selfURI) assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches( DirectiveTest.sampleURI1, selfURI)
def testDirectiveParser_parse_inlineScriptBaseRestriction(self): """The Firefox value 'inline script base restriction' for the 'violated-directive' field is parsed correctly.""" firefoxViolatedDirective = "inline script base restriction" assert DirectiveParser().parse(firefoxViolatedDirective) \ == Directive.INLINE_SCRIPT_BASE_RESTRICTION()
def testDirective_str_inlineScriptBaseRestriction(self): assert str(Directive.INLINE_SCRIPT_BASE_RESTRICTION() ) == "inline script base restriction"
def testDirective_generateDirective_inline_special_script(self): violated = Directive.INLINE_SCRIPT_BASE_RESTRICTION() generated = violated.generateDirective("inline", DirectiveTest.sampleURI1) assert generated == Directive("script-src", [SourceExpression.UNSAFE_INLINE()])