debian-mirror-gitlab/spec/features/ide/clientside_preview_csp_spec.rb

32 lines
760 B
Ruby
Raw Normal View History

2020-04-08 14:13:33 +05:30
# frozen_string_literal: true
require 'spec_helper'
2020-06-23 00:09:42 +05:30
RSpec.describe 'IDE Clientside Preview CSP' do
2020-04-08 14:13:33 +05:30
let_it_be(:user) { create(:user) }
shared_context 'disable feature' do
before do
2021-04-29 21:17:54 +05:30
stub_application_setting(web_ide_clientside_preview_enabled: false)
2020-04-08 14:13:33 +05:30
end
end
it_behaves_like 'setting CSP', 'frame-src' do
2022-01-26 12:08:38 +05:30
let(:allowlisted_url) { 'https://sandbox.gitlab-static.test' }
2020-04-08 14:13:33 +05:30
let(:extended_controller_class) { IdeController }
subject do
visit ide_path
response_headers['Content-Security-Policy']
end
before do
2021-04-29 21:17:54 +05:30
stub_application_setting(web_ide_clientside_preview_enabled: true)
2022-01-26 12:08:38 +05:30
stub_application_setting(web_ide_clientside_preview_bundler_url: allowlisted_url)
2020-04-08 14:13:33 +05:30
sign_in(user)
end
end
end