From 79265016495c2514a2589b3c79696d9b9e9a8baf Mon Sep 17 00:00:00 2001 From: Gani Georgiev Date: Thu, 21 Jul 2022 17:22:31 +0300 Subject: [PATCH] updated comments and added CSP header check in the tests --- tools/filesystem/filesystem_test.go | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/tools/filesystem/filesystem_test.go b/tools/filesystem/filesystem_test.go index c4f32837..212f75e0 100644 --- a/tools/filesystem/filesystem_test.go +++ b/tools/filesystem/filesystem_test.go @@ -177,21 +177,22 @@ func TestFileSystemServe(t *testing.T) { "test_name.txt", false, map[string]string{ - "Content-Disposition": "attachment; filename=test_name.txt", - "Content-Type": "application/octet-stream", - "Content-Length": "0", + "Content-Disposition": "attachment; filename=test_name.txt", + "Content-Type": "application/octet-stream", + "Content-Length": "0", + "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'; sandbox", }, }, - // png inline { - // svg exception + // png inline "image.png", "test_name.png", false, map[string]string{ - "Content-Disposition": "inline; filename=test_name.png", - "Content-Type": "image/png", - "Content-Length": "73", + "Content-Disposition": "inline; filename=test_name.png", + "Content-Type": "image/png", + "Content-Length": "73", + "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'; sandbox", }, }, { @@ -200,9 +201,10 @@ func TestFileSystemServe(t *testing.T) { "test_name.svg", false, map[string]string{ - "Content-Disposition": "attachment; filename=test_name.svg", - "Content-Type": "image/svg+xml", - "Content-Length": "0", + "Content-Disposition": "attachment; filename=test_name.svg", + "Content-Type": "image/svg+xml", + "Content-Length": "0", + "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'; sandbox", }, }, }