diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-11-25 13:59:08 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2019-11-25 13:59:08 +0000 |
| commit | e64110f3ee50f6d8f4b3e04df7ed6cd6443c114f (patch) | |
| tree | 473064952ce207e8c3852d6d1e953888d0498dc7 /t/cobrand | |
| parent | 3936729479271dc84edf01e0ff840125a61eeb84 (diff) | |
| parent | a1b76bb7873c002a987132280395093d03992b13 (diff) | |
Merge branch 'csp-uk'
Diffstat (limited to 't/cobrand')
| -rw-r--r-- | t/cobrand/councils.t | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/t/cobrand/councils.t b/t/cobrand/councils.t index a194a9be1..aac682b19 100644 --- a/t/cobrand/councils.t +++ b/t/cobrand/councils.t @@ -90,5 +90,29 @@ subtest "Test update shown/not shown appropriately" => sub { } }; +subtest "CSP header from feature" => sub { + foreach my $cobrand ( + { moniker => 'oxfordshire', test => 'oxon.analytics.example.org' }, + { moniker =>'fixmystreet', test => '' }, + { moniker => 'nonsecure', test => undef }, + ) { + FixMyStreet::override_config { + ALLOWED_COBRANDS => $cobrand->{moniker}, + COBRAND_FEATURES => { + content_security_policy => { + oxfordshire => 'oxon.analytics.example.org', + fixmystreet => 1, + } + }, + }, sub { + $mech->get_ok("/"); + if (defined $cobrand->{test}) { + like $mech->res->header('Content-Security-Policy'), qr/script-src 'self' 'unsafe-inline' 'nonce-[^']*' $cobrand->{test}/; + } else { + is $mech->res->header('Content-Security-Policy'), undef; + } + }; + } +}; done_testing(); |