diff options
| author | David Mehren | 2020-09-02 20:17:57 +0200 |
|---|---|---|
| committer | GitHub | 2020-09-02 20:17:57 +0200 |
| commit | f862b7a1e44c1101a921f19bca4d8d8063eb25ce (patch) | |
| tree | e1cb778962cffd1d0a216bf706adea8684df398c /test/csp.js | |
| parent | b174f3c574949e930cef1c652fb85604dc8ce482 (diff) | |
| parent | c2c28d3aeb4f3db92991bf77cd8e8dfa1be2268f (diff) | |
Merge pull request #485 from codimd/fix/dropbox
Diffstat (limited to 'test/csp.js')
| -rw-r--r-- | test/csp.js | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/test/csp.js b/test/csp.js index 8cf24b9a..d081cef0 100644 --- a/test/csp.js +++ b/test/csp.js @@ -27,7 +27,10 @@ describe('Content security policies', function () { upgradeInsecureRequests: 'auto', reportURI: undefined }, - useCDN: true + useCDN: true, + dropbox: { + appKey: undefined + } } }) @@ -78,6 +81,16 @@ describe('Content security policies', function () { assert(!csp.computeDirectives().fontSrc.includes('https://*.disquscdn.com')) }) + it('Include dropbox if configured', function () { + let testconfig = defaultConfig + testconfig.dropbox.appKey = 'hedgedoc' + mock('../lib/config', testconfig) + csp = mock.reRequire('../lib/csp') + + assert(csp.computeDirectives().scriptSrc.includes('https://www.dropbox.com')) + assert(csp.computeDirectives().scriptSrc.includes('\'unsafe-inline\'')) + }) + it('Set ReportURI', function () { let testconfig = defaultConfig testconfig.csp.reportURI = 'https://example.com/reportURI' |