Apply mapping to symbols returned from dynamic CSP sources

Previously if a dynamic source returned a symbol such as :self it would be converted to a string implicity, e.g: policy.default_src -> { :self } would generate the header: Content-Security-Policy: default-src self and now it generates: Content-Security-Policy: default-src 'self'
author: Andrew White <andrew.white@unboxed.co> 2018-10-22 17:10:01 +0100
committer: Andrew White <andrew.white@unboxed.co> 2018-10-22 17:10:01 +0100
commit: ed91b75c937805cb52b3930f2549b7a179cdc421 (patch)
tree: 95c43d7fd2e2899fa6949b52b588cd6bce5a84ca /actionpack/test/dispatch
parent: dc6761592009e9146552fc9d6299bf58a34e187a (diff)
download: rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.gz
rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.bz2
rails-ed91b75c937805cb52b3930f2549b7a179cdc421.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/actionpack/test/dispatch/content_security_policy_test.rb b/actionpack/test/dispatch/content_security_policy_test.rb
index 13ad22b5c5..8dd4b8edb1 100644
--- a/actionpack/test/dispatch/content_security_policy_test.rb
+++ b/actionpack/test/dispatch/content_security_policy_test.rb
@@ -264,8 +264,8 @@ class DefaultContentSecurityPolicyIntegrationTest < ActionDispatch::IntegrationT
   end
 
   POLICY = ActionDispatch::ContentSecurityPolicy.new do |p|
-    p.default_src :self
-    p.script_src  :https
+    p.default_src -> { :self  }
+    p.script_src  -> { :https }
   end
 
   class PolicyConfigMiddleware
author	Andrew White <andrew.white@unboxed.co>	2018-10-22 17:10:01 +0100
committer	Andrew White <andrew.white@unboxed.co>	2018-10-22 17:10:01 +0100
commit	ed91b75c937805cb52b3930f2549b7a179cdc421 (patch)
tree	95c43d7fd2e2899fa6949b52b588cd6bce5a84ca /actionpack/test/dispatch
parent	dc6761592009e9146552fc9d6299bf58a34e187a (diff)
download	rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.gz rails-ed91b75c937805cb52b3930f2549b7a179cdc421.tar.bz2 rails-ed91b75c937805cb52b3930f2549b7a179cdc421.zip