From 579822b6a5639ee608e11ed23760d481a4a78f4b Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 16 Oct 2018 14:04:22 +0200
Subject: Add report-uri to CSP

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 .../AppFramework/Http/EmptyContentSecurityPolicyTest.php  | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'tests/lib/AppFramework')

diff --git a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
index 7c30df730d3..7e86903892f 100644
--- a/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
+++ b/tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
@@ -451,4 +451,19 @@ class EmptyContentSecurityPolicyTest extends \Test\TestCase {
 		$this->contentSecurityPolicy->addAllowedScriptDomain("'self'");
 		$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
 	}
+
+	public function testGetPolicyWithReportUri() {
+		$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';report-uri https://my-report-uri.com";
+
+		$this->contentSecurityPolicy->addReportTo("https://my-report-uri.com");
+		$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
+	}
+
+	public function testGetPolicyWithMultipleReportUri() {
+		$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';report-uri https://my-report-uri.com https://my-other-report-uri.com";
+
+		$this->contentSecurityPolicy->addReportTo("https://my-report-uri.com");
+		$this->contentSecurityPolicy->addReportTo("https://my-other-report-uri.com");
+		$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
+	}
 }
-- 
cgit v1.2.3