From ecf9f0a872cc310f232b6a7c1622a40441987bf6 Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <opensource@fthiessen.de>
Date: Fri, 17 Nov 2023 22:01:02 +0100
Subject: fix(CSP): Only add `strict-dynamic` when using nonces

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
---
 tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php')

diff --git a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
index 31fc2ffc785..8f548b7bb91 100644
--- a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
+++ b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
@@ -455,7 +455,7 @@ class EmptyContentSecurityPolicyTest extends \Test\TestCase {
 	}
 
 	public function testGetPolicyWithStrictDynamicOnScripts() {
-		$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src-elem 'strict-dynamic' ;frame-ancestors 'none'";
+		$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'";
 
 		$this->contentSecurityPolicy->useStrictDynamicOnScripts(true);
 		$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
-- 
cgit v1.2.3