def testDirective_eq(self):
    """Directive equality and hashing depend on type and source set only.

    Pins that two directives with the same type and the same source
    expressions compare equal and hash equally regardless of the order
    in which the expressions were given, and that a different type or a
    different expression set makes them unequal. The 'unsafe-inline'
    keyword must compare equal whether it comes from the factory or is
    built from its string form.
    """
    httpAnyPort = URISourceExpression("http", "seclab.nu", "*", None)
    httpsRoot = URISourceExpression("https", "seclab.nu", 443, "/")

    objectSrc = Directive("object-src", [httpAnyPort, httpsRoot])
    objectSrcReordered = Directive("object-src", [httpsRoot, httpAnyPort])
    frameSrc = Directive("frame-src", [httpAnyPort, httpsRoot])
    objectSrcSubset = Directive("object-src", [httpsRoot])
    inlineFromFactory = Directive("script-src",
                                  (SourceExpression.UNSAFE_INLINE(), ))
    inlineFromString = Directive("script-src",
                                 (SourceExpression("unsafe-inline"), ))

    # Same type, same expressions, different order: equal and same hash.
    assert objectSrc == objectSrcReordered
    assert hash(objectSrc) == hash(objectSrcReordered)

    # A different type or a different expression set breaks equality.
    assert objectSrc != frameSrc
    assert objectSrc != objectSrcSubset
    assert frameSrc != objectSrcSubset

    # Both ways of spelling the keyword yield the same directive.
    assert inlineFromFactory == inlineFromString
    assert hash(inlineFromFactory) == hash(inlineFromString)

    # Special directives equal themselves but never a regular directive.
    assert Directive.INVALID() == Directive.INVALID()
    regularDirectives = (objectSrc, objectSrcReordered, frameSrc,
                         objectSrcSubset)
    assert Directive.INVALID() not in regularDirectives
    assert Directive.INLINE_STYLE_BASE_RESTRICTION() not in regularDirectives
def testDirective_getType(self):
    """getType() reports the directive name, also for special directives.

    The inline style base restriction is expected to report 'style-src';
    the inline script and eval script base restrictions 'script-src'.
    """
    regular = Directive("default-src", [])
    assert regular.getType() == "default-src"

    inlineStyle = Directive.INLINE_STYLE_BASE_RESTRICTION()
    assert inlineStyle.getType() == "style-src"

    inlineScript = Directive.INLINE_SCRIPT_BASE_RESTRICTION()
    assert inlineScript.getType() == "script-src"

    evalScript = Directive.EVAL_SCRIPT_BASE_RESTRICTION()
    assert evalScript.getType() == "script-src"
def testDirective_withoutPaths(self):
    """withoutPaths() strips paths from sources and is idempotent.

    A directive holding a URI source expression and 'self' must equal
    the directive built from the path-less expression once its paths
    are removed. Invalid and special directives come back unchanged.
    """
    original = Directive(
        "script-src",
        [DirectiveTest.sampleSrcExpr2, SelfSourceExpression.SELF()])
    stripped = Directive(
        "script-src",
        [DirectiveTest.sampleSrcExpr2.removePath(),
         SelfSourceExpression.SELF()])

    assert original.withoutPaths() == stripped
    # Applying the operation a second time changes nothing.
    assert stripped.withoutPaths() == stripped

    # Directives that carry no regular source list are left as they are.
    unchangedFactories = (
        Directive.INVALID,
        Directive.EVAL_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_STYLE_BASE_RESTRICTION,
    )
    for makeDirective in unchangedFactories:
        assert makeDirective().withoutPaths() == makeDirective()
def testDirective_isRegularDirective(self):
    """Only directives built from a type and source list are 'regular'.

    The invalid directive and the three base restrictions must report
    False; a plain 'default-src' directive must report True.
    """
    nonRegularFactories = (
        Directive.INVALID,
        Directive.EVAL_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_STYLE_BASE_RESTRICTION,
    )
    for makeDirective in nonRegularFactories:
        assert makeDirective().isRegularDirective() == False

    plain = Directive("default-src", [])
    assert plain.isRegularDirective() == True
def testDirective_asBasicDirectives_single(self):
    """asBasicDirectives() on special and single-source directives.

    Invalid and special directives yield an empty set. A directive
    with exactly one source expression yields a set containing only
    itself.
    """
    emptyResultFactories = (
        Directive.INVALID,
        Directive.EVAL_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_STYLE_BASE_RESTRICTION,
    )
    for makeDirective in emptyResultFactories:
        assert makeDirective().asBasicDirectives() == set()

    singleSource = Directive("img-src", [DirectiveTest.sampleSrcExpr1b])
    assert singleSource.asBasicDirectives() == {singleSource}
def testDirective_matches_special(self):
    """Invalid and special directives never match any URI.

    Each of the invalid directive and the three base restrictions is
    checked against the empty, invalid, inline and eval URIs as well as
    a regular sample URI; none may match. This pins that such a
    directive can never act as an allow-list entry for a resource.
    """
    selfURI = DirectiveTest.sampleURI2
    specialFactories = (
        Directive.INVALID,
        Directive.EVAL_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_SCRIPT_BASE_RESTRICTION,
        Directive.INLINE_STYLE_BASE_RESTRICTION,
    )
    # Callables, so that every check builds a fresh directive and URI.
    resourceFactories = (
        URI.EMPTY,
        URI.INVALID,
        URI.INLINE,
        URI.EVAL,
        lambda: DirectiveTest.sampleURI1,
    )
    for makeDirective in specialFactories:
        for makeResource in resourceFactories:
            assert not makeDirective().matches(makeResource(), selfURI)
def testDirectiveParser_parse_inlineStyleBaseRestriction(self):
    """Firefox's 'inline style base restriction' parses to the special directive.

    Firefox uses this literal string as the value of the
    'violated-directive' field; the parser must map it to
    Directive.INLINE_STYLE_BASE_RESTRICTION() and not treat it as a
    regular directive.
    """
    reportedValue = "inline style base restriction"
    parsed = DirectiveParser().parse(reportedValue)
    assert parsed == Directive.INLINE_STYLE_BASE_RESTRICTION()
def testDirective_str_inlineStyleBaseRestriction(self):
    """str() of the inline style base restriction is its literal name."""
    rendered = str(Directive.INLINE_STYLE_BASE_RESTRICTION())
    assert rendered == "inline style base restriction"
def testDirective_generateDirective_inline_special_style(self):
    """An inline violation of the style base restriction yields style-src 'unsafe-inline'.

    generateDirective("inline", ...) on the inline style base
    restriction must produce a regular 'style-src' directive whose only
    source expression is 'unsafe-inline'.
    """
    # NOTE: 'unsafe-inline' in style-src permits every inline style, so a
    # policy assembled from generated directives like this one is worth
    # reviewing before it is deployed.
    violatedDirective = Directive.INLINE_STYLE_BASE_RESTRICTION()
    result = violatedDirective.generateDirective("inline",
                                                 DirectiveTest.sampleURI1)
    assert result == Directive("style-src",
                               [SourceExpression.UNSAFE_INLINE()])