mirror of https://github.com/BookStackApp/BookStack.git synced 2025-07-28 17:02:04 +03:00

Added a couple of additional CSP rules

As per guidance from Google's CSP Evaluator.
Dan Brown
2021-09-04 14:34:43 +01:00
parent 253f386f00
commit 492af79c27
3 changed files with 40 additions and 0 deletions


@ -105,6 +105,20 @@ class SecurityHeaderTest extends TestCase
$this->assertNotEmpty($scriptHeader);
}
public function test_object_src_csp_header_set()
{
$resp = $this->get('/');
$scriptHeader = $this->getCspHeader($resp, 'object-src');
$this->assertEquals('object-src \'self\'', $scriptHeader);
}
public function test_base_uri_csp_header_set()
{
$resp = $this->get('/');
$scriptHeader = $this->getCspHeader($resp, 'base-uri');
$this->assertEquals('base-uri \'self\'', $scriptHeader);
}
/**
* Get the value of the first CSP header of the given type.
*/
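Review bot: The value pinned in test_object_src_csp_header_set, `object-src 'self'`, still lets same-origin content load through object/embed elements; the middleware that sets it is not visible here, so this may be a deliberate choice. If nothing in the application needs such embeds, `object-src 'none'` is the tighter setting, and the assertion would become `$this->assertEquals('object-src \'none\'', $scriptHeader);`. Separately, both new tests reuse the name `$scriptHeader` for a non-script directive; `$objectHeader` and `$baseUriHeader` would read better. A one-line comment on each test naming what the directive guards against (plugin content for object-src, an injected `<base>` tag rewriting relative URLs for base-uri) would help later maintainers judge whether the value can be loosened.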