From 3c442b6df91e291ebbf17f37444414bf5f10fbe6 Mon Sep 17 00:00:00 2001
From: Simon Dawson <spdawson@gmail.com>
Date: Tue, 5 Dec 2017 07:13:48 +0000
Subject: Fix CSP copy boolean directives (#31326)

Use Object#deep_dup to safely duplicate policy values
---
 actionpack/test/dispatch/content_security_policy_test.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'actionpack/test/dispatch')

diff --git a/actionpack/test/dispatch/content_security_policy_test.rb b/actionpack/test/dispatch/content_security_policy_test.rb
index 8a1ac066e8..7c4a65a633 100644
--- a/actionpack/test/dispatch/content_security_policy_test.rb
+++ b/actionpack/test/dispatch/content_security_policy_test.rb
@@ -14,6 +14,15 @@ class ContentSecurityPolicyTest < ActiveSupport::TestCase
     assert_equal "script-src 'self';", @policy.build
   end
 
+  def test_dup
+    @policy.img_src :self
+    @policy.block_all_mixed_content
+    @policy.upgrade_insecure_requests
+    @policy.sandbox
+    copied = @policy.dup
+    assert_equal copied.build, @policy.build
+  end
+
   def test_mappings
     @policy.script_src :data
     assert_equal "script-src data:;", @policy.build
-- 
cgit v1.2.3