summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorGreg Roach <greg@subaqua.co.uk>2026-04-24 13:02:45 +0100
committerGreg Roach <greg@subaqua.co.uk>2026-04-24 13:02:45 +0100
commita8d95ceb87651e17ade08efee7a3b8b35001603b (patch)
tree773eeffd9ad8dc1194d65b77a1eabb4b2dd13e89 /tests
parentfc765b50f0f0a7129fb5fc904a764f1899ce5f73 (diff)
downloadwebtrees-a8d95ceb87651e17ade08efee7a3b8b35001603b.tar.gz
webtrees-a8d95ceb87651e17ade08efee7a3b8b35001603b.tar.bz2
webtrees-a8d95ceb87651e17ade08efee7a3b8b35001603b.zip
Add CSP to SVG error responses
Diffstat (limited to 'tests')
-rw-r--r--tests/app/Factories/ImageFactoryTest.php13
1 files changed, 11 insertions, 2 deletions
diff --git a/tests/app/Factories/ImageFactoryTest.php b/tests/app/Factories/ImageFactoryTest.php
index b14f9ee8d3..3f77d78c1c 100644
--- a/tests/app/Factories/ImageFactoryTest.php
+++ b/tests/app/Factories/ImageFactoryTest.php
@@ -19,14 +19,23 @@ declare(strict_types=1);
namespace Fisharebest\Webtrees\Factories;
+use Fisharebest\Webtrees\Services\PhpService;
use Fisharebest\Webtrees\TestCase;
use PHPUnit\Framework\Attributes\CoversClass;
#[CoversClass(ImageFactory::class)]
class ImageFactoryTest extends TestCase
{
- public function testClass(): void
+ public function testReplacementImageResponseSetsContentSecurityPolicyHeader(): void
{
- self::assertTrue(class_exists(ImageFactory::class));
+ $php_service = $this->createStub(PhpService::class);
+ $image_factory = new ImageFactory($php_service);
+ $response = $image_factory->replacementImageResponse('404');
+
+ self::assertSame('image/svg+xml', $response->getHeaderLine('content-type'));
+ self::assertSame(
+ 'default-src none',
+ $response->getHeaderLine('content-security-policy'),
+ );
}
}