summaryrefslogtreecommitdiffstats
path: root/tests/lib/Security
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib/Security')
-rw-r--r--tests/lib/Security/Bruteforce/ThrottlerTest.php29
-rw-r--r--tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php2
2 files changed, 30 insertions, 1 deletions
diff --git a/tests/lib/Security/Bruteforce/ThrottlerTest.php b/tests/lib/Security/Bruteforce/ThrottlerTest.php
index dac12a00dcd..da386db9d2d 100644
--- a/tests/lib/Security/Bruteforce/ThrottlerTest.php
+++ b/tests/lib/Security/Bruteforce/ThrottlerTest.php
@@ -101,6 +101,27 @@ class ThrottlerTest extends TestCase {
true,
],
[
+ '10.10.10.10',
+ [
+ 'whitelist_0' => '10.10.10.11/31',
+ ],
+ true,
+ ],
+ [
+ '10.10.10.10',
+ [
+ 'whitelist_0' => '10.10.10.9/31',
+ ],
+ false,
+ ],
+ [
+ '10.10.10.10',
+ [
+ 'whitelist_0' => '10.10.10.15/29',
+ ],
+ true,
+ ],
+ [
'dead:beef:cafe::1',
[
'whitelist_0' => '192.168.0.0/16',
@@ -128,6 +149,14 @@ class ThrottlerTest extends TestCase {
true,
],
[
+ 'dead:beef:cafe::1111',
+ [
+ 'whitelist_0' => 'dead:beef:cafe::1100/123',
+
+ ],
+ true,
+ ],
+ [
'invalid',
[],
false,
diff --git a/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php b/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php
index 2a82e9c4878..8f8be5cba9f 100644
--- a/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php
+++ b/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php
@@ -63,7 +63,7 @@ class ContentSecurityPolicyManagerTest extends \Test\TestCase {
$expected->addAllowedImageDomain('anotherdomain.de');
$expected->addAllowedImageDomain('example.org');
$expected->addAllowedChildSrcDomain('childdomain');
- $expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';child-src childdomain";
+ $expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' data: mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';child-src childdomain;frame-ancestors 'self'";
$this->assertEquals($expected, $this->contentSecurityPolicyManager->getDefaultPolicy());
$this->assertSame($expectedStringPolicy, $this->contentSecurityPolicyManager->getDefaultPolicy()->buildPolicy());
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-14 17:38:37 +0000