def test_csp_policy_inject(self):
    """A handler's additions to the policy show up in the emitted header.

    The handler appends ``example.com`` to the ``default-src`` list it gets
    from ``find_service("csp")``. The header asserted below contains that
    source, so the header reflects the policy as it stands after the handler
    has run.
    """
    # ``default-src *`` is just a permissive fixture value for this test.
    app_settings = {
        "csp": {
            "default-src": ["*"],
            "style-src": ["'self'"],
        },
    }
    resp = pretend.stub(headers={})

    def handler(request):
        sources = request.find_service("csp")["default-src"]
        sources.append("example.com")
        return resp

    def lookup_policy(*args, **kwargs):
        # Return the very dict stored in the settings so the handler's
        # mutation is visible when the header is built.
        return app_settings["csp"]

    fake_registry = pretend.stub(settings=app_settings)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)
    fake_request = pretend.stub(
        path="/example",
        find_service=pretend.call_recorder(lookup_policy),
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {
        "Content-Security-Policy": "default-src * example.com; style-src 'self'",
    }
def test_csp_policy(self):
    """The configured policy is serialized into one CSP response header.

    Each directive's sources are joined with spaces and the directives are
    joined with ``"; "``, as the expected header value shows.
    """
    policy = {
        "default-src": ["*"],
        "style-src": ["'self'", "example.net"],
    }
    app_settings = {"csp": policy}
    resp = pretend.stub(headers={})
    fake_registry = pretend.stub(settings=app_settings)
    handler = pretend.call_recorder(lambda request: resp)

    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    def lookup_policy(*args, **kwargs):
        return app_settings["csp"]

    fake_request = pretend.stub(
        path="/project/foobar/",
        find_service=pretend.call_recorder(lookup_policy),
    )

    # The tween must hand back the handler's response object unchanged in
    # identity, with the header attached to it.
    assert tween(fake_request) is resp
    expected_value = "default-src *; style-src 'self' example.net"
    assert resp.headers == {"Content-Security-Policy": expected_value}
def test_devel_csp(self):
    """Placeholders in a policy source are filled in from the request.

    The configured source ``{request.scheme}://{request.host}`` comes out as
    ``https://example.com`` for the stubbed request.
    """
    # NOTE(review): the emitted source is derived from request.host; whether
    # the host value is validated before it reaches the tween is not visible
    # here - confirm against the deployment's host handling.
    app_settings = {
        "csp": {
            "script-src": ["{request.scheme}://{request.host}"],
        },
    }
    resp = pretend.stub(headers={})
    handler = pretend.call_recorder(lambda request: resp)
    fake_registry = pretend.stub(settings=app_settings)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    def lookup_policy(*args, **kwargs):
        return app_settings["csp"]

    fake_request = pretend.stub(
        scheme="https",
        host="example.com",
        path="/path/to/nowhere",
        find_service=pretend.call_recorder(lookup_policy),
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {
        "Content-Security-Policy": "script-src https://example.com",
    }
def test_devel_csp(self):
    """A templated ``script-src`` source is expanded per request.

    With ``scheme="https"`` and ``host="example.com"`` on the request, the
    ``{request.scheme}://{request.host}`` entry becomes
    ``https://example.com`` in the header.
    """
    script_sources = ["{request.scheme}://{request.host}"]
    app_settings = {"csp": {"script-src": script_sources}}

    resp = pretend.stub(headers={})
    fake_registry = pretend.stub(settings=app_settings)
    handler = pretend.call_recorder(lambda request: resp)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    # The policy lookup is stubbed to return the settings' own "csp" dict.
    find_service = pretend.call_recorder(
        lambda *args, **kwargs: app_settings["csp"],
    )
    fake_request = pretend.stub(
        scheme="https",
        host="example.com",
        path="/path/to/nowhere",
        find_service=find_service,
    )

    assert tween(fake_request) is resp
    # NOTE(review): the allowed script origin follows the request's host
    # value; confirm that hosts are restricted upstream of this tween.
    expected_headers = {
        "Content-Security-Policy": "script-src https://example.com",
    }
    assert resp.headers == expected_headers
def test_csp_policy_inject(self):
    """Sources a view adds to the policy during the request are emitted.

    The handler looks up the ``csp`` service and appends ``example.com`` to
    ``default-src``; the asserted header lists it after the configured ``*``.
    """
    resp = pretend.stub(headers={})
    # Permissive fixture policy; the point of the test is the appended source.
    app_settings = {
        "csp": {
            "default-src": ["*"],
            "style-src": ["'self'"],
        },
    }

    def handler(request):
        policy = request.find_service("csp")
        policy["default-src"].append("example.com")
        return resp

    find_service = pretend.call_recorder(
        lambda *args, **kwargs: app_settings["csp"],
    )
    fake_registry = pretend.stub(settings=app_settings)
    fake_request = pretend.stub(path="/example", find_service=find_service)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    assert tween(fake_request) is resp
    expected_value = "default-src * example.com; style-src 'self'"
    assert resp.headers == {"Content-Security-Policy": expected_value}
def test_simple_csp(self):
    """A restrictive policy is emitted as configured for a ``/simple/`` path.

    The fixture policy is ``default-src 'none'`` plus a ``sandbox`` directive
    carrying ``allow-top-navigation``; both appear in the header.
    """
    policy = {
        "default-src": ["'none'"],
        "sandbox": ["allow-top-navigation"],
    }
    app_settings = {"csp": policy}
    resp = pretend.stub(headers={})
    handler = pretend.call_recorder(lambda request: resp)
    fake_registry = pretend.stub(settings=app_settings)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    def lookup_policy(*args, **kwargs):
        return app_settings["csp"]

    fake_request = pretend.stub(
        scheme="https",
        host="example.com",
        path="/simple/",
        find_service=pretend.call_recorder(lookup_policy),
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {
        "Content-Security-Policy": "default-src 'none'; sandbox allow-top-navigation",
    }
def test_csp_policy(self):
    """The tween writes the configured directives to the response header.

    Two directives with one and two sources respectively are expected to be
    rendered as ``default-src *; style-src 'self' example.net``.
    """
    app_settings = {
        "csp": {
            "default-src": ["*"],
            "style-src": ["'self'", "example.net"],
        },
    }
    fake_registry = pretend.stub(settings=app_settings)
    resp = pretend.stub(headers={})
    handler = pretend.call_recorder(lambda request: resp)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    # The stubbed service lookup ignores its arguments and returns the
    # "csp" entry of the settings.
    find_service = pretend.call_recorder(
        lambda *args, **kwargs: app_settings["csp"],
    )
    fake_request = pretend.stub(
        path="/project/foobar/",
        find_service=find_service,
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {
        "Content-Security-Policy": "default-src *; style-src 'self' example.net",
    }
def test_simple_csp(self):
    """``default-src 'none'`` with a ``sandbox`` directive reaches the header.

    The request path is ``/simple/``; the expected header value is exactly
    the configured policy.
    """
    app_settings = {
        "csp": {
            "default-src": ["'none'"],
            "sandbox": ["allow-top-navigation"],
        },
    }
    fake_registry = pretend.stub(settings=app_settings)
    resp = pretend.stub(headers={})
    handler = pretend.call_recorder(lambda request: resp)

    find_service = pretend.call_recorder(
        lambda *args, **kwargs: app_settings["csp"],
    )
    fake_request = pretend.stub(
        scheme="https",
        host="example.com",
        path="/simple/",
        find_service=find_service,
    )
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    assert tween(fake_request) is resp
    # A response that kept only one of the two directives would fail here,
    # since the whole header dict is compared.
    expected_value = "default-src 'none'; sandbox allow-top-navigation"
    assert resp.headers == {"Content-Security-Policy": expected_value}
def test_csp_policy_default(self):
    """No CSP header is set when no policy can be looked up.

    The registry settings are empty and ``find_service`` raises
    ``ValueError``; the response must come back with its headers untouched.
    """
    # This pins fail-open behaviour: without a policy the response carries no
    # Content-Security-Policy header at all.
    # NOTE(review): confirm ValueError is the exception the real service
    # lookup raises for a missing service.
    resp = pretend.stub(headers={})
    fake_registry = pretend.stub(settings={})
    handler = pretend.call_recorder(lambda request: resp)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    failing_lookup = pretend.raiser(ValueError)
    fake_request = pretend.stub(
        path="/path/to/nowhere/",
        find_service=failing_lookup,
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {}
def test_csp_policy_default(self):
    """A failed policy lookup leaves the response without a CSP header.

    ``find_service`` raises ``LookupError`` and the settings are empty; the
    tween still returns the handler's response, with no headers added.
    """
    fake_registry = pretend.stub(settings={})
    resp = pretend.stub(headers={})
    handler = pretend.call_recorder(lambda request: resp)

    fake_request = pretend.stub(
        path="/path/to/nowhere/",
        find_service=pretend.raiser(LookupError),
    )
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    assert tween(fake_request) is resp
    # Fail-open: a missing policy means the header is omitted, so the
    # protection depends on the policy service being registered.
    no_headers = {}
    assert resp.headers == no_headers
def test_csp_policy_debug_disables(self):
    """Requests under ``/_debug_toolbar/`` get no CSP header.

    A policy is configured and the lookup would return it, yet the response
    headers stay empty for the path ``/_debug_toolbar/foo/``.
    """
    # NOTE(review): only this one path is exercised; the exact matching rule
    # is not visible here. Responses on such paths go out without the policy,
    # so the debug toolbar routes should not be reachable in production.
    policy = {"default-src": ["*"], "style-src": ["'self'", "example.net"]}
    app_settings = {"csp": policy}
    resp = pretend.stub(headers={})
    fake_registry = pretend.stub(settings=app_settings)
    handler = pretend.call_recorder(lambda request: resp)
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    def lookup_policy(*args, **kwargs):
        return app_settings["csp"]

    fake_request = pretend.stub(
        path="/_debug_toolbar/foo/",
        find_service=pretend.call_recorder(lookup_policy),
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {}
def test_csp_policy_debug_disables(self):
    """The policy is not applied to a debug-toolbar path.

    Same fixture policy as the ordinary policy test, but with
    ``path="/_debug_toolbar/foo/"`` the expected header dict is empty.
    """
    app_settings = {
        "csp": {
            "default-src": ["*"],
            "style-src": ["'self'", "example.net"],
        },
    }
    fake_registry = pretend.stub(settings=app_settings)
    resp = pretend.stub(headers={})
    handler = pretend.call_recorder(lambda request: resp)

    find_service = pretend.call_recorder(
        lambda *args, **kwargs: app_settings["csp"],
    )
    fake_request = pretend.stub(
        path="/_debug_toolbar/foo/",
        find_service=find_service,
    )
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    assert tween(fake_request) is resp
    # The exemption is keyed on the request path, so anything served from
    # this path runs without the CSP header.
    # NOTE(review): verify the toolbar is only enabled in development.
    assert resp.headers == {}
def test_csp_policy_default_inject(self):
    """A source added to an initially empty policy produces a header.

    The policy starts as an empty ``defaultdict(list)``; the handler appends
    ``example.com`` to ``default-src`` and the header then carries just that
    directive.
    """
    # The same defaultdict doubles as the registry settings and as the
    # object returned by the stubbed service lookup.
    policy = collections.defaultdict(list)
    fake_registry = pretend.stub(settings=policy)
    resp = pretend.stub(headers={})

    def handler(request):
        sources = request.find_service("csp")["default-src"]
        sources.append("example.com")
        return resp

    def lookup_policy(*args, **kwargs):
        return policy

    tween = csp.content_security_policy_tween_factory(handler, fake_registry)
    fake_request = pretend.stub(
        path="/path/to/nowhere/",
        find_service=pretend.call_recorder(lookup_policy),
    )

    result = tween(fake_request)

    assert result is resp
    assert resp.headers == {
        "Content-Security-Policy": "default-src example.com"
    }
def test_csp_policy_default_inject(self):
    """With no configured directives, a handler-added source is still sent.

    Starting from ``collections.defaultdict(list)``, the only directive in
    the final header is the ``default-src example.com`` the handler created.
    """
    resp = pretend.stub(headers={})
    empty_policy = collections.defaultdict(list)

    def handler(request):
        # Indexing the defaultdict creates the "default-src" list on demand.
        csp_service = request.find_service("csp")
        csp_service["default-src"].append("example.com")
        return resp

    fake_registry = pretend.stub(settings=empty_policy)
    find_service = pretend.call_recorder(lambda *args, **kwargs: empty_policy)
    fake_request = pretend.stub(
        path="/path/to/nowhere/",
        find_service=find_service,
    )
    tween = csp.content_security_policy_tween_factory(handler, fake_registry)

    assert tween(fake_request) is resp
    expected_value = "default-src example.com"
    assert resp.headers == {"Content-Security-Policy": expected_value}