diff options
| author | rinpatch <rinpatch@sdf.org> | 2020-05-27 20:27:30 +0300 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2020-05-27 21:31:47 +0300 |
| commit | 455a402c8a967b3a234c836b0574c4f011860d43 (patch) | |
| tree | ad96f96064a9a37e96068ad4d424b0b16343720f /test | |
| parent | 8f6d428880721d4b0151991e7943706b70ab8005 (diff) | |
| download | pleroma-455a402c8a967b3a234c836b0574c4f011860d43.tar.gz | |
HTTP Security plug: rewrite &csp_string/0
- Directives are now separated with ";" instead of " ;",
according to https://www.w3.org/TR/CSP2/#policy-parsing
the space is optional
- Use an IO list, which at the end gets converted to a binary as
opposed to ++ing a bunch of arrays with binaries together and joining
them to a string. I doubt it gives any significant real world advantage,
but the code is cleaner and now I can sleep at night.
- The static part of csp is pre-joined to a single binary at compile time.
Same reasoning as the last point.
Diffstat (limited to 'test')
| -rw-r--r-- | test/plugs/http_security_plug_test.exs | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/plugs/http_security_plug_test.exs b/test/plugs/http_security_plug_test.exs index 84e4c274f..63b4d3f31 100644 --- a/test/plugs/http_security_plug_test.exs +++ b/test/plugs/http_security_plug_test.exs @@ -67,7 +67,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlugTest do [csp] = Conn.get_resp_header(conn, "content-security-policy") - assert csp =~ ~r|report-uri https://endpoint.com; report-to csp-endpoint;| + assert csp =~ ~r|report-uri https://endpoint.com;report-to csp-endpoint;| [reply_to] = Conn.get_resp_header(conn, "reply-to") |