mirror of https://github.com/tootsuite/mastodon
Add coverage for `remote_interaction_helper` (#28002)
parent
e1bb79718b
commit
a6d446e6a7
|
@ -0,0 +1,30 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
require 'rails_helper'
|
||||||
|
|
||||||
|
describe 'Remote Interaction Helper' do
|
||||||
|
describe 'GET /remote_interaction_helper' do
|
||||||
|
it 'returns http success' do
|
||||||
|
get remote_interaction_helper_path
|
||||||
|
|
||||||
|
expect(response)
|
||||||
|
.to have_http_status(200)
|
||||||
|
.and render_template(:index, layout: 'helper_frame')
|
||||||
|
.and have_attributes(
|
||||||
|
headers: include(
|
||||||
|
'X-Frame-Options' => 'SAMEORIGIN',
|
||||||
|
'Referrer-Policy' => 'no-referrer',
|
||||||
|
'Content-Security-Policy' => expected_csp_headers
|
||||||
|
)
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def expected_csp_headers
|
||||||
|
<<~CSP.squish
|
||||||
|
default-src 'none'; frame-ancestors 'self'; form-action 'none'; script-src 'self' https://cb6e6126.ngrok.io 'wasm-unsafe-eval'; connect-src https:
|
||||||
|
CSP
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue