add more unit tests for data: as allowed image domain

author: sualko <klaus@jsxc.org> 2015-08-10 12:42:42 +0200
committer: sualko <klaus@jsxc.org> 2015-08-10 12:42:42 +0200
commit: 5590d64612c9dfe59b50108a26621b4feb570d27 (patch)
tree: 25ae0e6f9a867d07795af19e41b23d2bb69fa43e /tests
parent: 930841b67a18da5c5b89188be4f601ecedafedbb (diff)
download: nextcloud-server-5590d64612c9dfe59b50108a26621b4feb570d27.tar.gz
nextcloud-server-5590d64612c9dfe59b50108a26621b4feb570d27.zip
3 files changed, 3 insertions, 3 deletions
diff --git a/tests/lib/appframework/controller/ControllerTest.php b/tests/lib/appframework/controller/ControllerTest.php
index ccc373f4d59..0d7716da411 100644
--- a/tests/lib/appframework/controller/ControllerTest.php
+++ b/tests/lib/appframework/controller/ControllerTest.php
@@ -177,7 +177,7 @@ class ControllerTest extends \Test\TestCase {
 			'test' => 'something',
 			'Cache-Control' => 'no-cache, must-revalidate',
 			'Content-Type' => 'application/json; charset=utf-8',
-			'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self'",
+			'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self';connect-src 'self';media-src 'self'",
 		];
 
 		$response = $this->controller->customDataResponse(array('hi'));
diff --git a/tests/lib/appframework/http/DataResponseTest.php b/tests/lib/appframework/http/DataResponseTest.php
index ca0582e10e5..2b7817c28e9 100644
--- a/tests/lib/appframework/http/DataResponseTest.php
+++ b/tests/lib/appframework/http/DataResponseTest.php
@@ -68,7 +68,7 @@ class DataResponseTest extends \Test\TestCase {
 
 		$expectedHeaders = [
 			'Cache-Control' => 'no-cache, must-revalidate',
-			'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self'",
+			'Content-Security-Policy' => "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self';connect-src 'self';media-src 'self'",
 		];
 		$expectedHeaders = array_merge($expectedHeaders, $headers);
 
diff --git a/tests/lib/appframework/http/ResponseTest.php b/tests/lib/appframework/http/ResponseTest.php
index c8b79fbd8b6..61dd95e5948 100644
--- a/tests/lib/appframework/http/ResponseTest.php
+++ b/tests/lib/appframework/http/ResponseTest.php
@@ -58,7 +58,7 @@ class ResponseTest extends \Test\TestCase {
 
 		$this->childResponse->setHeaders($expected);
 		$headers = $this->childResponse->getHeaders();
-		$expected['Content-Security-Policy'] = "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self';connect-src 'self';media-src 'self'";
+		$expected['Content-Security-Policy'] = "default-src 'none';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self';connect-src 'self';media-src 'self'";
 
 		$this->assertEquals($expected, $headers);
 	}
author	sualko <klaus@jsxc.org>	2015-08-10 12:42:42 +0200
committer	sualko <klaus@jsxc.org>	2015-08-10 12:42:42 +0200
commit	5590d64612c9dfe59b50108a26621b4feb570d27 (patch)
tree	25ae0e6f9a867d07795af19e41b23d2bb69fa43e /tests
parent	930841b67a18da5c5b89188be4f601ecedafedbb (diff)
download	nextcloud-server-5590d64612c9dfe59b50108a26621b4feb570d27.tar.gz nextcloud-server-5590d64612c9dfe59b50108a26621b4feb570d27.zip