make tests pass for newly added 'unsafe-eval' origin addition
This commit is contained in:
parent
1b353d0b46
commit
404d322b99
4 changed files with 9 additions and 6 deletions
|
@ -30,7 +30,7 @@ mod passing {
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
String::from_utf8_lossy(&out.stdout),
|
String::from_utf8_lossy(&out.stdout),
|
||||||
"<html><head>\
|
"<html><head>\
|
||||||
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:;\"></meta>\
|
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:;\"></meta>\
|
||||||
</head><body>Hello, World!</body></html>\n"
|
</head><body>Hello, World!</body></html>\n"
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
@ -98,7 +98,7 @@ mod passing {
|
||||||
format!(
|
format!(
|
||||||
"\
|
"\
|
||||||
<!DOCTYPE html><html lang=\"en\"><head>\
|
<!DOCTYPE html><html lang=\"en\"><head>\
|
||||||
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:; style-src 'none'; script-src 'none'; img-src data:;\"></meta>\n \
|
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:; style-src 'none'; script-src 'none'; img-src data:;\"></meta>\n \
|
||||||
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n \
|
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n \
|
||||||
<title>Local HTML file</title>\n \
|
<title>Local HTML file</title>\n \
|
||||||
<link rel=\"stylesheet\" type=\"text/css\">\n \
|
<link rel=\"stylesheet\" type=\"text/css\">\n \
|
||||||
|
|
|
@ -16,7 +16,10 @@ mod passing {
|
||||||
options.isolate = true;
|
options.isolate = true;
|
||||||
let csp_content = html::compose_csp(&options);
|
let csp_content = html::compose_csp(&options);
|
||||||
|
|
||||||
assert_eq!(csp_content, "default-src 'unsafe-inline' data:;");
|
assert_eq!(
|
||||||
|
csp_content,
|
||||||
|
"default-src 'unsafe-eval' 'unsafe-inline' data:;"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
@ -75,6 +78,6 @@ mod passing {
|
||||||
options.no_images = true;
|
options.no_images = true;
|
||||||
let csp_content = html::compose_csp(&options);
|
let csp_content = html::compose_csp(&options);
|
||||||
|
|
||||||
assert_eq!(csp_content, "default-src 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;");
|
assert_eq!(csp_content, "default-src 'unsafe-eval' 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -40,7 +40,7 @@ mod passing {
|
||||||
)),
|
)),
|
||||||
"<html>\
|
"<html>\
|
||||||
<head>\
|
<head>\
|
||||||
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:;\"></meta>\
|
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:;\"></meta>\
|
||||||
<title>Isolated document</title>\
|
<title>Isolated document</title>\
|
||||||
<link rel=\"something\" href=\"some.css\">\
|
<link rel=\"something\" href=\"some.css\">\
|
||||||
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\
|
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\
|
||||||
|
@ -135,7 +135,7 @@ mod passing {
|
||||||
"<!DOCTYPE html>\
|
"<!DOCTYPE html>\
|
||||||
<html>\
|
<html>\
|
||||||
<head>\
|
<head>\
|
||||||
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;\"></meta>\
|
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;\"></meta>\
|
||||||
<title>no-frame no-css no-js no-image isolated document</title>\
|
<title>no-frame no-css no-js no-image isolated document</title>\
|
||||||
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\
|
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\
|
||||||
<link rel=\"stylesheet\" href=\"some.css\">\
|
<link rel=\"stylesheet\" href=\"some.css\">\
|
||||||
|
|
Loading…
Reference in a new issue