def test_csp_policy_debug_disables(self):
response = pretend.stub(headers={})
handler = pretend.call_recorder(lambda request: response)
registry = pretend.stub(settings={"csp": {"default-src": ["*"], "style-src": ["'self'", "example.net"]}})
tween = config.content_security_policy_tween_factory(handler, registry)
request = pretend.stub(path="/_debug_toolbar/foo/")
assert tween(request) is response
assert response.headers == {}
def test_csp_policy(self):
response = pretend.stub(headers={})
handler = pretend.call_recorder(lambda request: response)
registry = pretend.stub(settings={"csp": {"default-src": ["*"], "style-src": ["'self'", "example.net"]}})
tween = config.content_security_policy_tween_factory(handler, registry)
request = pretend.stub(path="/project/foobar/")
assert tween(request) is response
assert response.headers == {"Content-Security-Policy": "default-src *; style-src 'self' example.net"}
def test_csp_policy_debug_disables(self):
response = pretend.stub(headers={})
handler = pretend.call_recorder(lambda request: response)
registry = pretend.stub(settings={
"csp": {
"default-src": ["*"],
"style-src": ["'self'", "example.net"],
},
}, )
tween = config.content_security_policy_tween_factory(handler, registry)
request = pretend.stub(path="/_debug_toolbar/foo/")
assert tween(request) is response
assert response.headers == {}
def test_csp_policy(self):
response = pretend.stub(headers={})
handler = pretend.call_recorder(lambda request: response)
registry = pretend.stub(settings={
"csp": {
"default-src": ["*"],
"style-src": ["'self'", "example.net"],
},
}, )
tween = config.content_security_policy_tween_factory(handler, registry)
request = pretend.stub(path="/project/foobar/")
assert tween(request) is response
assert response.headers == {
"Content-Security-Policy":
"default-src *; style-src 'self' example.net",
}
