diff options
| author | Greg Roach <greg@subaqua.co.uk> | 2026-04-24 13:02:45 +0100 |
|---|---|---|
| committer | Greg Roach <greg@subaqua.co.uk> | 2026-04-24 13:02:45 +0100 |
| commit | a8d95ceb87651e17ade08efee7a3b8b35001603b (patch) | |
| tree | 773eeffd9ad8dc1194d65b77a1eabb4b2dd13e89 /tests | |
| parent | fc765b50f0f0a7129fb5fc904a764f1899ce5f73 (diff) | |
| download | webtrees-a8d95ceb87651e17ade08efee7a3b8b35001603b.tar.gz webtrees-a8d95ceb87651e17ade08efee7a3b8b35001603b.tar.bz2 webtrees-a8d95ceb87651e17ade08efee7a3b8b35001603b.zip | |
Add CSP to SVG error responses
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/app/Factories/ImageFactoryTest.php | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/tests/app/Factories/ImageFactoryTest.php b/tests/app/Factories/ImageFactoryTest.php index b14f9ee8d3..3f77d78c1c 100644 --- a/tests/app/Factories/ImageFactoryTest.php +++ b/tests/app/Factories/ImageFactoryTest.php @@ -19,14 +19,23 @@ declare(strict_types=1); namespace Fisharebest\Webtrees\Factories; +use Fisharebest\Webtrees\Services\PhpService; use Fisharebest\Webtrees\TestCase; use PHPUnit\Framework\Attributes\CoversClass; #[CoversClass(ImageFactory::class)] class ImageFactoryTest extends TestCase { - public function testClass(): void + public function testReplacementImageResponseSetsContentSecurityPolicyHeader(): void { - self::assertTrue(class_exists(ImageFactory::class)); + $php_service = $this->createStub(PhpService::class); + $image_factory = new ImageFactory($php_service); + $response = $image_factory->replacementImageResponse('404'); + + self::assertSame('image/svg+xml', $response->getHeaderLine('content-type')); + self::assertSame( + 'default-src none', + $response->getHeaderLine('content-security-policy'), + ); } } |