diff options
| author | Vincent Petry <vincent@nextcloud.com> | 2022-05-05 17:26:48 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-05-05 17:26:48 +0200 |
| commit | 7718c9776c5903474b8f3cf958cdd18a53b2449e (patch) | |
| tree | a5b2a2535f7a2aea6fbce361df6a52b3e229ad85 /tests | |
| parent | 0690646d09430ce363b07bc2cd59283e303314eb (diff) | |
| parent | 18c013d8fc0d95249136799c5c0e67994766d953 (diff) | |
| download | nextcloud-server-7718c9776c5903474b8f3cf958cdd18a53b2449e.tar.gz nextcloud-server-7718c9776c5903474b8f3cf958cdd18a53b2449e.zip | |
Merge pull request #32113 from nextcloud/bugfix/noid/fix-csp-merging-bools
Add CSP policy merge priority for booleans
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php b/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php index e5cf9ea9e1f..082ef46330d 100644 --- a/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php +++ b/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php @@ -87,6 +87,7 @@ class ContentSecurityPolicyManagerTest extends TestCase { $policy->addAllowedFontDomain('mydomain.com'); $policy->addAllowedImageDomain('anotherdomain.de'); $policy->useStrictDynamic(true); + $policy->allowEvalScript(true); $e->addPolicy($policy); }); @@ -96,7 +97,7 @@ class ContentSecurityPolicyManagerTest extends TestCase { $policy->addAllowedFontDomain('example.com'); $policy->addAllowedImageDomain('example.org'); $policy->allowInlineScript(true); - $policy->allowEvalScript(true); + $policy->allowEvalScript(false); $e->addPolicy($policy); }); |