def add_csp_header(self, request, response, header, base, can_call, is_str, attrs): if header in response: return if is_str: response[header] = base return csp = call_csp_dict(base, request, response) if can_call else base for attr in attrs: update = getattr(response, attr, None) if update is not None: if update.pop('override', False): csp = update else: csp = merge_csp_dict(csp, update) break if not csp: return try: policy = CSPCompiler(csp).compile() except InvalidCSPError: log.exception('Invalid CSP on page: %s', request.get_full_path()) return response[header] = policy
def test_tuple_override(self): self.assertEqual(merge_csp_dict({'spam': (1, )}, {'spam': (2, )}), {'spam': (1, 2)})
def test_set_override(self): orig = {1} self.assertEqual(merge_csp_dict({'spam': orig}, {'spam': [2]}), {'spam': {1, 2}}) self.assertEqual(orig, {1})
def test_list_override(self): orig = [1] self.assertEqual(merge_csp_dict({'spam': orig}, {'spam': [2]}), {'spam': [1, 2]}) self.assertEqual(orig, [1])
def test_scalar_override(self): self.assertEqual(merge_csp_dict({'spam': 1}, {'spam': 2}), {'spam': 2})
def test_distinct_key(self): self.assertEqual(merge_csp_dict({'spam': 1}, {'ham': 2}), { 'spam': 1, 'ham': 2 })
def test_null(self): test = {'key': 'value'} self.assertEqual(merge_csp_dict(test, {}), test)