aboutsummaryrefslogtreecommitdiffstats
path: root/railties/test/application/content_security_policy_test.rb
diff options
context:
space:
mode:
Diffstat (limited to 'railties/test/application/content_security_policy_test.rb')
-rw-r--r--railties/test/application/content_security_policy_test.rb30
1 files changed, 28 insertions, 2 deletions
diff --git a/railties/test/application/content_security_policy_test.rb b/railties/test/application/content_security_policy_test.rb
index 97f2957c33..43f2b333f3 100644
--- a/railties/test/application/content_security_policy_test.rb
+++ b/railties/test/application/content_security_policy_test.rb
@@ -16,7 +16,7 @@ module ApplicationTests
teardown_app
end
- test "default content security policy is empty" do
+ test "default content security policy is nil" do
controller :pages, <<-RUBY
class PagesController < ApplicationController
def index
@@ -34,7 +34,33 @@ module ApplicationTests
app("development")
get "/"
- assert_equal ";", last_response.headers["Content-Security-Policy"]
+ assert_nil last_response.headers["Content-Security-Policy"]
+ end
+
+ test "empty content security policy is generated" do
+ controller :pages, <<-RUBY
+ class PagesController < ApplicationController
+ def index
+ render html: "<h1>Welcome to Rails!</h1>"
+ end
+ end
+ RUBY
+
+ app_file "config/initializers/content_security_policy.rb", <<-RUBY
+ Rails.application.config.content_security_policy do |p|
+ end
+ RUBY
+
+ app_file "config/routes.rb", <<-RUBY
+ Rails.application.routes.draw do
+ root to: "pages#index"
+ end
+ RUBY
+
+ app("development")
+
+ get "/"
+ assert_policy ";"
end
test "global content security policy in an initializer" do
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 05:05:12 +0000