aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/AppFramework/Http
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib/AppFramework/Http')
-rw-r--r--tests/lib/AppFramework/Http/ContentSecurityPolicyTest.php7
-rw-r--r--tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php7
2 files changed, 14 insertions, 0 deletions
diff --git a/tests/lib/AppFramework/Http/ContentSecurityPolicyTest.php b/tests/lib/AppFramework/Http/ContentSecurityPolicyTest.php
index 53632da93d1..8e6ac32b416 100644
--- a/tests/lib/AppFramework/Http/ContentSecurityPolicyTest.php
+++ b/tests/lib/AppFramework/Http/ContentSecurityPolicyTest.php
@@ -456,6 +456,13 @@ class ContentSecurityPolicyTest extends \Test\TestCase {
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
+ public function testGetPolicyUnsafeWasmEval() {
+ $expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'wasm-unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
+
+ $this->contentSecurityPolicy->allowEvalWasm(true);
+ $this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
+ }
+
public function testGetPolicyNonce() {
$nonce = 'my-nonce';
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-".base64_encode($nonce) . "';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
diff --git a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
index dc10d095ab5..328e464f981 100644
--- a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
+++ b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
@@ -75,6 +75,13 @@ class EmptyContentSecurityPolicyTest extends \Test\TestCase {
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
+ public function testGetPolicyScriptAllowWasmEval() {
+ $expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'wasm-unsafe-eval';frame-ancestors 'none'";
+
+ $this->contentSecurityPolicy->allowEvalWasm(true);
+ $this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
+ }
+
public function testGetPolicyStyleDomainValid() {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';style-src www.owncloud.com;frame-ancestors 'none'";
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-16 10:14:03 +0000