From ed91b75c937805cb52b3930f2549b7a179cdc421 Mon Sep 17 00:00:00 2001
From: Andrew White <andrew.white@unboxed.co>
Date: Mon, 22 Oct 2018 17:10:01 +0100
Subject: Apply mapping to symbols returned from dynamic CSP sources

Previously if a dynamic source returned a symbol such as :self it
would be converted to a string implicity, e.g:

  policy.default_src -> { :self }

would generate the header:

  Content-Security-Policy: default-src self

and now it generates:

  Content-Security-Policy: default-src 'self'
---
 actionpack/test/dispatch/content_security_policy_test.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'actionpack/test/dispatch')

diff --git a/actionpack/test/dispatch/content_security_policy_test.rb b/actionpack/test/dispatch/content_security_policy_test.rb
index 13ad22b5c5..8dd4b8edb1 100644
--- a/actionpack/test/dispatch/content_security_policy_test.rb
+++ b/actionpack/test/dispatch/content_security_policy_test.rb
@@ -264,8 +264,8 @@ class DefaultContentSecurityPolicyIntegrationTest < ActionDispatch::IntegrationT
   end
 
   POLICY = ActionDispatch::ContentSecurityPolicy.new do |p|
-    p.default_src :self
-    p.script_src  :https
+    p.default_src -> { :self  }
+    p.script_src  -> { :https }
   end
 
   class PolicyConfigMiddleware
-- 
cgit v1.2.3