Optimized more CSP policies and recaptcha

2025-05-15 19:36:46 +02:00
parent 2302cbfeb4
commit 9c65c320f9
8 changed files with 48 additions and 19 deletions


@@ -137,5 +137,25 @@ class TestCspFilters(unittest.TestCase):
style_hash = self.filter.get_csp_hash("body { background: #fff; }")
self.assertNotIn(style_hash, header)
def test_build_csp_header_recaptcha_toggle(self):
"""
When the 'recaptcha' feature is enabled, 'https://www.google.com'
must be included in script-src; when disabled, it must not be.
"""
# enabled case
self.apps['app1']['features']['recaptcha'] = True
header_enabled = self.filter.build_csp_header(
self.apps, 'app1', self.domains, web_protocol='https'
)
self.assertIn("https://www.google.com", header_enabled)
# disabled case
self.apps['app1']['features']['recaptcha'] = False
header_disabled = self.filter.build_csp_header(
self.apps, 'app1', self.domains, web_protocol='https'
)
self.assertNotIn("https://www.google.com", header_disabled)
if __name__ == '__main__':
unittest.main()
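Review bot: Both assertions in `test_build_csp_header_recaptcha_toggle` search the whole header string, although the docstring says the origin must appear in script-src, so the enabled case passes if `https://www.google.com` lands only in another directive and the disabled case fails if some other directive legitimately lists it. Isolate the directive first, for example `script_src = next(d for d in header_enabled.split(';') if d.strip().startswith('script-src '))`, then `self.assertIn("https://www.google.com", script_src)`, and do the same for `header_disabled`. The test also pins an origin-wide allowance for `https://www.google.com` in script-src, which is broader than reCAPTCHA needs; if `build_csp_header` (not visible in this hunk) can emit a path-scoped source such as `https://www.google.com/recaptcha/`, asserting that would keep the policy tighter. The test writes to `self.apps['app1']['features']`, which presumably exists in the `setUp` fixture outside the hunk.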