def testDirective_generateDirective_incompatibleType(self): violatedWrongInlineType = Directive("object-src", []) violatedWrongEvalType = Directive("style-src", []) assert violatedWrongInlineType.generateDirective( "inline", DirectiveTest.sampleURI1) == Directive.INVALID() assert violatedWrongEvalType.generateDirective( "eval", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_incompatibleURI(self): violatedRegular = Directive("object-src", []) violatedInline = Directive("style-src", []) violatedEval = Directive("script-src", []) assert violatedRegular.generateDirective("regular", URI.EMPTY()) == Directive.INVALID() assert violatedRegular.generateDirective("regular", URI.INVALID()) == Directive.INVALID() #assert violatedInline.generateDirective("inline", DirectiveTest.sampleURI1) == Directive.INVALID() assert violatedInline.generateDirective("inline", URI.INVALID()) == Directive.INVALID() #assert violatedEval.generateDirective("eval", DirectiveTest.sampleURI1) == Directive.INVALID() assert violatedEval.generateDirective("eval", URI.INVALID()) == Directive.INVALID()
def testDirective_generateDirective_incompatibleURI(self): violatedRegular = Directive("object-src", []) violatedInline = Directive("style-src", []) violatedEval = Directive("script-src", []) assert violatedRegular.generateDirective( "regular", URI.EMPTY()) == Directive.INVALID() assert violatedRegular.generateDirective( "regular", URI.INVALID()) == Directive.INVALID() #assert violatedInline.generateDirective("inline", DirectiveTest.sampleURI1) == Directive.INVALID() assert violatedInline.generateDirective( "inline", URI.INVALID()) == Directive.INVALID() #assert violatedEval.generateDirective("eval", DirectiveTest.sampleURI1) == Directive.INVALID() assert violatedEval.generateDirective( "eval", URI.INVALID()) == Directive.INVALID()
def testDirective_generateDirective_regular(self): violated = Directive( "object-src", [DirectiveTest.sampleSrcExpr1a, DirectiveTest.sampleSrcExpr2]) generated = violated.generateDirective("regular", DirectiveTest.sampleURI2) assert generated == Directive( "object-src", [URISourceExpression("http", "seclab.ccs.neu.edu", 80, "/path")])
def testDirective_generateDirective_incompatibleType(self): violatedWrongInlineType = Directive("object-src", []) violatedWrongEvalType = Directive("style-src", []) assert violatedWrongInlineType.generateDirective("inline", DirectiveTest.sampleURI1) == Directive.INVALID() assert violatedWrongEvalType.generateDirective("eval", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_defaultSrcNotAllowed(self): violated = Directive("default-src", []) assert violated.generateDirective("regular", DirectiveTest.sampleURI1) == Directive.INVALID()
def testDirective_generateDirective_invalidType(self): violated = Directive("script-src", [DirectiveTest.sampleSrcExpr1a]) assert violated.generateDirective("evaluate", URI.EMPTY()) == Directive.INVALID()
def testDirective_generateDirective_eval(self): violated = Directive("script-src", [DirectiveTest.sampleSrcExpr1a]) generated = violated.generateDirective("eval", URI.EMPTY()) assert generated == Directive("script-src", [SourceExpression.UNSAFE_EVAL()])
def testDirective_generateDirective_inline(self): violated = Directive("style-src", [DirectiveTest.sampleSrcExpr2]) generated = violated.generateDirective("inline", URI.EMPTY()) assert generated == Directive("style-src", [SourceExpression.UNSAFE_INLINE()])
def testDirective_generateDirective_regular(self): violated = Directive("object-src", [DirectiveTest.sampleSrcExpr1a, DirectiveTest.sampleSrcExpr2]) generated = violated.generateDirective("regular", DirectiveTest.sampleURI2) assert generated == Directive("object-src", [URISourceExpression("http", "seclab.ccs.neu.edu", 80, "/path")])
def testDirective_generateDirective_defaultSrcNotAllowed(self): violated = Directive("default-src", []) assert violated.generateDirective( "regular", DirectiveTest.sampleURI1) == Directive.INVALID()