make tests pass for newly added 'unsafe-eval' origin addition

This commit is contained in:
Sunshine 2021-12-05 20:16:37 -10:00
parent 1b353d0b46
commit 404d322b99
No known key found for this signature in database
GPG key ID: B80CA68703CD8AB1
4 changed files with 9 additions and 6 deletions

View file

@ -30,7 +30,7 @@ mod passing {
assert_eq!( assert_eq!(
String::from_utf8_lossy(&out.stdout), String::from_utf8_lossy(&out.stdout),
"<html><head>\ "<html><head>\
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:;\"></meta>\ <meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:;\"></meta>\
</head><body>Hello, World!</body></html>\n" </head><body>Hello, World!</body></html>\n"
); );

View file

@ -98,7 +98,7 @@ mod passing {
format!( format!(
"\ "\
<!DOCTYPE html><html lang=\"en\"><head>\ <!DOCTYPE html><html lang=\"en\"><head>\
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:; style-src 'none'; script-src 'none'; img-src data:;\"></meta>\n \ <meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:; style-src 'none'; script-src 'none'; img-src data:;\"></meta>\n \
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n \ <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n \
<title>Local HTML file</title>\n \ <title>Local HTML file</title>\n \
<link rel=\"stylesheet\" type=\"text/css\">\n \ <link rel=\"stylesheet\" type=\"text/css\">\n \

View file

@ -16,7 +16,10 @@ mod passing {
options.isolate = true; options.isolate = true;
let csp_content = html::compose_csp(&options); let csp_content = html::compose_csp(&options);
assert_eq!(csp_content, "default-src 'unsafe-inline' data:;"); assert_eq!(
csp_content,
"default-src 'unsafe-eval' 'unsafe-inline' data:;"
);
} }
#[test] #[test]
@ -75,6 +78,6 @@ mod passing {
options.no_images = true; options.no_images = true;
let csp_content = html::compose_csp(&options); let csp_content = html::compose_csp(&options);
assert_eq!(csp_content, "default-src 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;"); assert_eq!(csp_content, "default-src 'unsafe-eval' 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;");
} }
} }

View file

@ -40,7 +40,7 @@ mod passing {
)), )),
"<html>\ "<html>\
<head>\ <head>\
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:;\"></meta>\ <meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:;\"></meta>\
<title>Isolated document</title>\ <title>Isolated document</title>\
<link rel=\"something\" href=\"some.css\">\ <link rel=\"something\" href=\"some.css\">\
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\ <meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\
@ -135,7 +135,7 @@ mod passing {
"<!DOCTYPE html>\ "<!DOCTYPE html>\
<html>\ <html>\
<head>\ <head>\
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;\"></meta>\ <meta http-equiv=\"Content-Security-Policy\" content=\"default-src 'unsafe-eval' 'unsafe-inline' data:; style-src 'none'; font-src 'none'; frame-src 'none'; child-src 'none'; script-src 'none'; img-src data:;\"></meta>\
<title>no-frame no-css no-js no-image isolated document</title>\ <title>no-frame no-css no-js no-image isolated document</title>\
<meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\ <meta http-equiv=\"Content-Security-Policy\" content=\"default-src https:\">\
<link rel=\"stylesheet\" href=\"some.css\">\ <link rel=\"stylesheet\" href=\"some.css\">\