def testDirective_combine_notRegularURI(self):
direct = Directive("style-src", [SelfSourceExpression.SELF()])
assert direct.combinedDirective(
Directive.INVALID()) == Directive.INVALID()
assert Directive.INVALID().combinedDirective(
direct) == Directive.INVALID()
assert direct.combinedDirective(
Directive.EVAL_SCRIPT_BASE_RESTRICTION()) == Directive.INVALID()
assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().combinedDirective(
direct) == Directive.INVALID()
def testPolicy_init_removeNotRegularDirective(self):
pol = Policy([
PolicyTest.sampleDirective1a,
Directive.INVALID(),
Directive.EVAL_SCRIPT_BASE_RESTRICTION()
])
expected = Policy([PolicyTest.sampleDirective1a])
assert pol == expected
def testDirective_getType(self):
assert Directive("default-src", []).getType() == "default-src"
assert Directive.INLINE_STYLE_BASE_RESTRICTION().getType(
) == "style-src"
assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().getType(
) == "script-src"
assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().getType(
) == "script-src"
def testDirective_withoutPaths(self):
withPaths = Directive(
"script-src",
[DirectiveTest.sampleSrcExpr2,
SelfSourceExpression.SELF()])
withoutPaths = Directive("script-src", [
DirectiveTest.sampleSrcExpr2.removePath(),
SelfSourceExpression.SELF()
])
assert withPaths.withoutPaths() == withoutPaths
assert withoutPaths.withoutPaths() == withoutPaths
assert Directive.INVALID().withoutPaths() == Directive.INVALID()
assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().withoutPaths(
) == Directive.EVAL_SCRIPT_BASE_RESTRICTION()
assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().withoutPaths(
) == Directive.INLINE_SCRIPT_BASE_RESTRICTION()
assert Directive.INLINE_STYLE_BASE_RESTRICTION().withoutPaths(
) == Directive.INLINE_STYLE_BASE_RESTRICTION()
def testDirective_isRegularDirective(self):
assert Directive.INVALID().isRegularDirective() == False
assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().isRegularDirective(
) == False
assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().isRegularDirective(
) == False
assert Directive.INLINE_STYLE_BASE_RESTRICTION().isRegularDirective(
) == False
assert Directive("default-src", []).isRegularDirective() == True
def testDirective_asBasicDirectives_single(self):
assert Directive.INVALID().asBasicDirectives() == set([])
assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().asBasicDirectives(
) == set([])
assert Directive.INLINE_SCRIPT_BASE_RESTRICTION().asBasicDirectives(
) == set([])
assert Directive.INLINE_STYLE_BASE_RESTRICTION().asBasicDirectives(
) == set([])
sampleDirective = Directive("img-src", [DirectiveTest.sampleSrcExpr1b])
assert sampleDirective.asBasicDirectives() == set([sampleDirective])
def testDirective_isBasicDirective(self):
assert Directive.INVALID().isBasicDirective() == False
assert Directive.EVAL_SCRIPT_BASE_RESTRICTION().isBasicDirective(
) == False
assert Directive("default-src", ()).isBasicDirective() == True
assert Directive(
"script-src",
[DirectiveTest.sampleSrcExpr2]).isBasicDirective() == True
assert Directive(
"object-src",
[DirectiveTest.sampleSrcExpr2, DirectiveTest.sampleSrcExpr3
]).isBasicDirective() == False
def testDirective_matches_special(self):
"""An invalid/special directive matches nothing."""
selfURI = DirectiveTest.sampleURI2
assert not Directive.INVALID().matches(URI.EMPTY(), selfURI)
assert not Directive.INVALID().matches(URI.INVALID(), selfURI)
assert not Directive.INVALID().matches(URI.INLINE(), selfURI)
assert not Directive.INVALID().matches(URI.EVAL(), selfURI)
assert not Directive.INVALID().matches(DirectiveTest.sampleURI1,
selfURI)
assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
URI.EMPTY(), selfURI)
assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
URI.INVALID(), selfURI)
assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
URI.INLINE(), selfURI)
assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
URI.EVAL(), selfURI)
assert not Directive.EVAL_SCRIPT_BASE_RESTRICTION().matches(
DirectiveTest.sampleURI1, selfURI)
assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
URI.EMPTY(), selfURI)
assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
URI.INVALID(), selfURI)
assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
URI.INLINE(), selfURI)
assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
URI.EVAL(), selfURI)
assert not Directive.INLINE_SCRIPT_BASE_RESTRICTION().matches(
DirectiveTest.sampleURI1, selfURI)
assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
URI.EMPTY(), selfURI)
assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
URI.INVALID(), selfURI)
assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
URI.INLINE(), selfURI)
assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
URI.EVAL(), selfURI)
assert not Directive.INLINE_STYLE_BASE_RESTRICTION().matches(
DirectiveTest.sampleURI1, selfURI)
def testDirectiveParser_parse_evalScriptBaseRestriction(self):
"""The Firefox value 'eval script base restriction' for the 'violated-directive' field is parsed
correctly."""
firefoxViolatedDirective = "eval script base restriction"
assert DirectiveParser().parse(firefoxViolatedDirective) \
== Directive.EVAL_SCRIPT_BASE_RESTRICTION()
def testDirective_str_evalScriptBaseRestriction(self):
assert str(Directive.EVAL_SCRIPT_BASE_RESTRICTION()
) == "eval script base restriction"
def testDirective_generateDirective_eval_special(self):
violated = Directive.EVAL_SCRIPT_BASE_RESTRICTION()
generated = violated.generateDirective("eval",
DirectiveTest.sampleURI2)
assert generated == Directive("script-src",
[SourceExpression.UNSAFE_EVAL()])