diff options
| author | Ferdinand Thiessen <opensource@fthiessen.de> | 2023-11-17 22:01:02 +0100 |
|---|---|---|
| committer | Ferdinand Thiessen <opensource@fthiessen.de> | 2023-11-17 22:01:02 +0100 |
| commit | ecf9f0a872cc310f232b6a7c1622a40441987bf6 (patch) | |
| tree | 758189d783aa777dc53876f86d85ef523aecb9ed /tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php | |
| parent | 4fa2749fa8666e5ce1e6d5c0a98e7a29600b49c0 (diff) | |
| download | nextcloud-server-ecf9f0a872cc310f232b6a7c1622a40441987bf6.tar.gz nextcloud-server-ecf9f0a872cc310f232b6a7c1622a40441987bf6.zip | |
fix(CSP): Only add `strict-dynamic` when using nonces
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Diffstat (limited to 'tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php')
| -rw-r--r-- | tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php index 31fc2ffc785..8f548b7bb91 100644 --- a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php +++ b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php @@ -455,7 +455,7 @@ class EmptyContentSecurityPolicyTest extends \Test\TestCase { } public function testGetPolicyWithStrictDynamicOnScripts() { - $expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src-elem 'strict-dynamic' ;frame-ancestors 'none'"; + $expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'"; $this->contentSecurityPolicy->useStrictDynamicOnScripts(true); $this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy()); |