Exemplo n.º 1
0
def test_includeme():
    config = pretend.stub(
        register_service_factory=pretend.call_recorder(lambda fact, name: None),
        add_settings=pretend.call_recorder(lambda settings: None),
        add_tween=pretend.call_recorder(lambda tween: None),
        registry=pretend.stub(
            settings={
                "camo.url": "camo.url.value",
                "statuspage.url": "https://2p66nmmycsj3.statuspage.io",
            }
        ),
    )
    csp.includeme(config)

    assert config.register_service_factory.calls == [
        pretend.call(csp.csp_factory, name="csp")
    ]

    assert config.add_tween.calls == [
        pretend.call("warehouse.csp.content_security_policy_tween_factory")
    ]

    assert config.add_settings.calls == [
        pretend.call(
            {
                "csp": {
                    "base-uri": ["'self'"],
                    "block-all-mixed-content": [],
                    "connect-src": [
                        "'self'",
                        "https://api.github.com/repos/",
                        "*.fastly-insights.com",
                        "sentry.io",
                        "https://2p66nmmycsj3.statuspage.io",
                    ],
                    "default-src": ["'none'"],
                    "font-src": ["'self'", "fonts.gstatic.com"],
                    "form-action": ["'self'"],
                    "frame-ancestors": ["'none'"],
                    "frame-src": ["'none'"],
                    "img-src": [
                        "'self'",
                        "camo.url.value",
                        "www.google-analytics.com",
                        "*.fastly-insights.com",
                    ],
                    "script-src": [
                        "'self'",
                        "www.googletagmanager.com",
                        "www.google-analytics.com",
                        "*.fastly-insights.com",
                        "https://cdn.ravenjs.com",
                    ],
                    "style-src": ["'self'", "fonts.googleapis.com"],
                    "worker-src": ["*.fastly-insights.com"],
                }
            }
        )
    ]
Exemplo n.º 2
0
def test_includeme():
    config = pretend.stub(
        register_service_factory=pretend.call_recorder(lambda fact, name: None),
        add_settings=pretend.call_recorder(lambda settings: None),
        add_tween=pretend.call_recorder(lambda tween: None),
        registry=pretend.stub(
            settings={
                "camo.url": "camo.url.value",
                "statuspage.url": "https://2p66nmmycsj3.statuspage.io",
            }
        ),
    )
    csp.includeme(config)

    assert config.register_service_factory.calls == [
        pretend.call(csp.csp_factory, name="csp")
    ]

    assert config.add_tween.calls == [
        pretend.call("warehouse.csp.content_security_policy_tween_factory")
    ]

    assert config.add_settings.calls == [
        pretend.call(
            {
                "csp": {
                    "base-uri": ["'self'"],
                    "block-all-mixed-content": [],
                    "connect-src": [
                        "'self'",
                        "https://api.github.com/repos/",
                        "*.fastly-insights.com",
                        "sentry.io",
                        "https://2p66nmmycsj3.statuspage.io",
                    ],
                    "default-src": ["'none'"],
                    "font-src": ["'self'", "fonts.gstatic.com"],
                    "form-action": ["'self'"],
                    "frame-ancestors": ["'none'"],
                    "frame-src": ["'none'"],
                    "img-src": [
                        "'self'",
                        "camo.url.value",
                        "www.google-analytics.com",
                        "*.fastly-insights.com",
                    ],
                    "script-src": [
                        "'self'",
                        "www.googletagmanager.com",
                        "www.google-analytics.com",
                        "*.fastly-insights.com",
                        "https://cdn.ravenjs.com",
                    ],
                    "style-src": ["'self'", "fonts.googleapis.com"],
                    "worker-src": ["*.fastly-insights.com"],
                }
            }
        )
    ]
Exemplo n.º 3
0
def test_includeme():
    config = pretend.stub(
        register_service_factory=pretend.call_recorder(
            lambda fact, name: None),
        add_settings=pretend.call_recorder(lambda settings: None),
        add_tween=pretend.call_recorder(lambda tween: None),
        registry=pretend.stub(
            settings={
                "camo.url": "camo.url.value",
                "statuspage.url": "https://2p66nmmycsj3.statuspage.io",
            }),
    )
    csp.includeme(config)

    assert config.register_service_factory.calls == [
        pretend.call(csp.csp_factory, name="csp")
    ]

    assert config.add_tween.calls == [
        pretend.call("warehouse.csp.content_security_policy_tween_factory"),
    ]

    assert config.add_settings.calls == [
        pretend.call({
            "csp": {
                "base-uri": ["'self'"],
                "block-all-mixed-content": [],
                "connect-src": [
                    "'self'",
                    "https://2p66nmmycsj3.statuspage.io",
                ],
                "default-src": ["'none'"],
                "font-src": ["'self'", "fonts.gstatic.com"],
                "form-action": ["'self'"],
                "frame-ancestors": ["'none'"],
                "frame-src": ["'none'"],
                "img-src": [
                    "'self'",
                    "camo.url.value",
                    "https://secure.gravatar.com",
                ],
                "referrer": ["origin-when-cross-origin"],
                "reflected-xss": ["block"],
                "script-src": ["'self'", "www.google-analytics.com"],
                "style-src": ["'self'", "fonts.googleapis.com"],
            },
        })
    ]
Exemplo n.º 4
0
def test_includeme():
    config = pretend.stub(
        register_service_factory=pretend.call_recorder(
            lambda fact, name: None),
        add_settings=pretend.call_recorder(lambda settings: None),
        add_tween=pretend.call_recorder(lambda tween: None),
        registry=pretend.stub(settings={
            "camo.url": "camo.url.value",
            "statuspage.url": "https://2p66nmmycsj3.statuspage.io",
        }),
    )
    csp.includeme(config)

    assert config.register_service_factory.calls == [
        pretend.call(csp.csp_factory, name="csp")
    ]

    assert config.add_tween.calls == [
        pretend.call("warehouse.csp.content_security_policy_tween_factory"),
    ]

    assert config.add_settings.calls == [
        pretend.call({
            "csp": {
                "base-uri": ["'self'"],
                "block-all-mixed-content": [],
                "connect-src": [
                    "'self'",
                    "https://2p66nmmycsj3.statuspage.io",
                ],
                "default-src": ["'none'"],
                "font-src": ["'self'", "fonts.gstatic.com"],
                "form-action": ["'self'"],
                "frame-ancestors": ["'none'"],
                "frame-src": ["'none'"],
                "img-src": [
                    "'self'",
                    "camo.url.value",
                    "https://secure.gravatar.com",
                ],
                "referrer": ["origin-when-cross-origin"],
                "reflected-xss": ["block"],
                "script-src": ["'self'", "www.google-analytics.com"],
                "style-src": ["'self'", "fonts.googleapis.com"],
            },
        })
    ]
Exemplo n.º 5
0
def test_includeme():
    config = pretend.stub(
        register_service_factory=pretend.call_recorder(
            lambda fact, name: None),
        add_settings=pretend.call_recorder(lambda settings: None),
        add_tween=pretend.call_recorder(lambda tween: None),
        registry=pretend.stub(
            settings={
                "camo.url": "camo.url.value",
                "statuspage.url": "https://2p66nmmycsj3.statuspage.io",
            }),
    )
    csp.includeme(config)

    assert config.register_service_factory.calls == [
        pretend.call(csp.csp_factory, name="csp")
    ]

    assert config.add_tween.calls == [
        pretend.call("warehouse.csp.content_security_policy_tween_factory")
    ]

    assert config.add_settings.calls == [
        pretend.call({
            "csp": {
                "base-uri": ["'self'"],
                "block-all-mixed-content": [],
                "connect-src": [
                    "'self'",
                    "https://api.github.com/repos/",
                    "fastly-insights.com",
                    "*.fastly-insights.com",
                    "*.ethicalads.io",
                    "https://api.pwnedpasswords.com",
                    "https://2p66nmmycsj3.statuspage.io",
                ],
                "default-src": ["'none'"],
                "font-src": ["'self'", "fonts.gstatic.com"],
                "form-action": ["'self'"],
                "frame-ancestors": ["'none'"],
                "frame-src": ["'none'"],
                "img-src": [
                    "'self'",
                    "camo.url.value",
                    "www.google-analytics.com",
                    "*.fastly-insights.com",
                    "*.ethicalads.io",
                ],
                "script-src": [
                    "'self'",
                    "www.googletagmanager.com",
                    "www.google-analytics.com",
                    "*.fastly-insights.com",
                    "*.ethicalads.io",
                    "'sha256-U3hKDidudIaxBDEzwGJApJgPEf2mWk6cfMWghrAa6i0='",
                ],
                "style-src": [
                    "'self'",
                    "fonts.googleapis.com",
                    "*.ethicalads.io",
                    "'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM='",
                    "'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='",
                ],
                "worker-src": ["*.fastly-insights.com"],
            }
        })
    ]
Exemplo n.º 6
0
def test_includeme():
    config = pretend.stub(
        register_service_factory=pretend.call_recorder(
            lambda fact, name: None),
        add_settings=pretend.call_recorder(lambda settings: None),
        add_tween=pretend.call_recorder(lambda tween: None),
        registry=pretend.stub(
            settings={
                "camo.url": "camo.url.value",
                "statuspage.url": "https://2p66nmmycsj3.statuspage.io",
            }),
    )
    csp.includeme(config)

    assert config.register_service_factory.calls == [
        pretend.call(csp.csp_factory, name="csp")
    ]

    assert config.add_tween.calls == [
        pretend.call("warehouse.csp.content_security_policy_tween_factory")
    ]

    assert config.add_settings.calls == [
        pretend.call({
            "csp": {
                "base-uri": ["'self'"],
                "block-all-mixed-content": [],
                "connect-src": [
                    "'self'",
                    "https://api.github.com/repos/",
                    "*.fastly-insights.com",
                    "*.ethicalads.io",
                    "sentry.io",
                    "https://api.pwnedpasswords.com",
                    "https://2p66nmmycsj3.statuspage.io",
                ],
                "default-src": ["'none'"],
                "font-src": ["'self'", "fonts.gstatic.com"],
                "form-action": ["'self'"],
                "frame-ancestors": ["'none'"],
                "frame-src": ["'none'"],
                "img-src": [
                    "'self'",
                    "camo.url.value",
                    "www.google-analytics.com",
                    "*.fastly-insights.com",
                    "*.ethicalads.io",
                ],
                "script-src": [
                    "'self'",
                    "www.googletagmanager.com",
                    "www.google-analytics.com",
                    "*.fastly-insights.com",
                    "https://cdn.ravenjs.com",
                    "*.ethicalads.io",
                    "'sha256-ozc1u5ldloj5JQ7atdxk8OzBc9sWZf84E9kk+qQuqfU='",
                ],
                "style-src": [
                    "'self'",
                    "fonts.googleapis.com",
                    "*.ethicalads.io",
                    "'sha256-3SFGwf4pbwaaParsaRO14/phF13lRoCzJal+Qb8dOlk='",
                    "'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='",
                ],
                "worker-src": ["*.fastly-insights.com"],
            }
        })
    ]