def test_csp_policy_debug_disables(self): response = pretend.stub(headers={}) handler = pretend.call_recorder(lambda request: response) registry = pretend.stub(settings={"csp": {"default-src": ["*"], "style-src": ["'self'", "example.net"]}}) tween = config.content_security_policy_tween_factory(handler, registry) request = pretend.stub(path="/_debug_toolbar/foo/") assert tween(request) is response assert response.headers == {}
def test_csp_policy(self): response = pretend.stub(headers={}) handler = pretend.call_recorder(lambda request: response) registry = pretend.stub(settings={"csp": {"default-src": ["*"], "style-src": ["'self'", "example.net"]}}) tween = config.content_security_policy_tween_factory(handler, registry) request = pretend.stub(path="/project/foobar/") assert tween(request) is response assert response.headers == {"Content-Security-Policy": "default-src *; style-src 'self' example.net"}
def test_csp_policy_debug_disables(self): response = pretend.stub(headers={}) handler = pretend.call_recorder(lambda request: response) registry = pretend.stub(settings={ "csp": { "default-src": ["*"], "style-src": ["'self'", "example.net"], }, }, ) tween = config.content_security_policy_tween_factory(handler, registry) request = pretend.stub(path="/_debug_toolbar/foo/") assert tween(request) is response assert response.headers == {}
def test_csp_policy(self): response = pretend.stub(headers={}) handler = pretend.call_recorder(lambda request: response) registry = pretend.stub(settings={ "csp": { "default-src": ["*"], "style-src": ["'self'", "example.net"], }, }, ) tween = config.content_security_policy_tween_factory(handler, registry) request = pretend.stub(path="/project/foobar/") assert tween(request) is response assert response.headers == { "Content-Security-Policy": "default-src *; style-src 'self' example.net", }