From aa1fa13b279b5443a02ac083e886ec969c97ed5f Mon Sep 17 00:00:00 2001 From: Dylan Young Date: Wed, 25 May 2022 00:55:25 -0300 Subject: [PATCH] GH-72 Add tests for FormattedPolicyCSPMiddleware --- csp/tests/test_contrib.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/csp/tests/test_contrib.py b/csp/tests/test_contrib.py index 98ccded..2140505 100644 --- a/csp/tests/test_contrib.py +++ b/csp/tests/test_contrib.py @@ -2,12 +2,14 @@ from django.test import RequestFactory from django.test.utils import override_settings +from csp.contrib.formatted_policy import FormattedPolicyCSPMiddleware from csp.contrib.rate_limiting import RateLimitedCSPMiddleware from csp.tests.utils import response HEADER = 'Content-Security-Policy' -mw = RateLimitedCSPMiddleware(response()) +rate_limited_mw = RateLimitedCSPMiddleware(response()) +formatted_mw = FormattedPolicyCSPMiddleware(response()) rf = RequestFactory() @@ -17,8 +19,16 @@ def test_report_percentage(): for _ in range(5000): request = rf.get('/') response = HttpResponse() - mw.process_response(request, response) + rate_limited_mw.process_response(request, response) if 'report-uri' in response[HEADER]: times_seen += 1 # Roughly 10% assert 400 <= times_seen <= 600 + + +@override_legacy_settings(CSP_DEFAULT_SRC=["{host}"]) +def test_formatted_policy(): + request = rf.get('/', HTTP_HOST='example.com') + response = HttpResponse() + formatted_mw.process_response(request, response) + assert response[HEADER] == 'default-src example.com'