authorStan Hu <stanhu@gmail.com>2019-08-07 11:17:12 -0700
committerStan Hu <stanhu@gmail.com>2019-08-07 11:21:08 -0700
commitd265408c26b6d4a6087df032b1928d142534d0a6 (patch)
treee736852ce97c3709939cc8f1dfef2f95e32392d9 /spec/lib/gitlab/content_security_policy
parent8d659869e1d8ef4a844ea03890f42cb80f312fa0 (diff)
downloadgitlab-ce-d265408c26b6d4a6087df032b1928d142534d0a6.tar.gz
Add missing report-uri to CSP configsh-add-missing-csp-report-uri
This is supported in Rails 5.2, although it may be deprecated in the future in favor of report-to.
Diffstat (limited to 'spec/lib/gitlab/content_security_policy')
-rw-r--r--spec/lib/gitlab/content_security_policy/config_loader_spec.rb4
1 files changed, 3 insertions, 1 deletions
diff --git a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
index e7670c9d523..1d404915617 100644
--- a/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
+++ b/spec/lib/gitlab/content_security_policy/config_loader_spec.rb
@@ -13,7 +13,8 @@ describe Gitlab::ContentSecurityPolicy::ConfigLoader do
child_src: "'self' https://child.example.com",
default_src: "'self' https://other.example.com",
script_src: "'self' https://script.exammple.com ",
- worker_src: "data: https://worker.example.com"
+ worker_src: "data: https://worker.example.com",
+ report_uri: "http://example.com"
}
}
end
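Review bot: The new `report_uri` fixture value in the directives hash points at a cleartext `http://` endpoint, while every other directive in the fixture uses `https://`. CSP violation reports carry the document URI, the blocked URI and sometimes a sample of the offending script, so a reporting endpoint reached over plain HTTP exposes that data to anyone on the network path. Spec fixtures tend to be copied into example configuration, so I would model the safe form here: `report_uri: "https://report.example.com/csp"`. The enclosing `let` block starts above the hunk, so I cannot see how the hash is consumed.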
@@ -46,6 +47,7 @@ describe Gitlab::ContentSecurityPolicy::ConfigLoader do
expect(policy.directives['default-src']).to eq(expected_config(:default_src))
expect(policy.directives['child-src']).to eq(expected_config(:child_src))
expect(policy.directives['worker-src']).to eq(expected_config(:worker_src))
+ expect(policy.directives['report-uri']).to eq(expected_config(:report_uri))
end
it 'ignores malformed policy statements' do
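Review bot: The added `report-uri` expectation covers only the case where a well-formed value is configured. Nothing visible here checks what the loader does when `report_uri` is omitted or blank. An empty `report-uri` directive would silently disable reporting, so a companion example would be worthwhile: build the loader without the key and assert `expect(policy.directives).not_to have_key('report-uri')`. The `expected_config` helper and the loader itself are outside the hunk, so this assumes unset directives are simply absent from `policy.directives`. The 'ignores malformed policy statements' example that begins on the last line continues past the hunk and may already cover part of this.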