本文整理汇总了C++中Persistent::allowInlineScript方法的典型用法代码示例。如果您正苦于以下问题:C++ Persistent::allowInlineScript方法的具体用法?C++ Persistent::allowInlineScript怎么用?C++ Persistent::allowInlineScript使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Persistent的用法示例。
在下文中一共展示了Persistent::allowInlineScript方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: String
TEST_F(ContentSecurityPolicyTest, NonceInline)
{
struct TestCase {
const char* policy;
const char* nonce;
bool allowed;
} cases[] = {
{ "'unsafe-inline'", "", true },
{ "'unsafe-inline'", "yay", true },
{ "'nonce-yay'", "", false },
{ "'nonce-yay'", "yay", true },
{ "'unsafe-inline' 'nonce-yay'", "", false },
{ "'unsafe-inline' 'nonce-yay'", "yay", true },
};
String contextURL;
String content;
WTF::OrdinalNumber contextLine;
for (const auto& test : cases) {
SCOPED_TRACE(testing::Message() << "Policy: `" << test.policy << "`, Nonce: `" << test.nonce << "`");
unsigned expectedReports = test.allowed ? 0u : 1u;
// Enforce 'script-src'
Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create();
policy->bindToExecutionContext(document.get());
policy->didReceiveHeader(String("script-src ") + test.policy, ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP);
EXPECT_EQ(test.allowed, policy->allowInlineScript(contextURL, String(test.nonce), contextLine, content));
EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());
// Enforce 'style-src'
policy = ContentSecurityPolicy::create();
policy->bindToExecutionContext(document.get());
policy->didReceiveHeader(String("style-src ") + test.policy, ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP);
EXPECT_EQ(test.allowed, policy->allowInlineStyle(contextURL, String(test.nonce), contextLine, content));
EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());
// Report 'script-src'
policy = ContentSecurityPolicy::create();
policy->bindToExecutionContext(document.get());
policy->didReceiveHeader(String("script-src ") + test.policy, ContentSecurityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP);
EXPECT_TRUE(policy->allowInlineScript(contextURL, String(test.nonce), contextLine, content));
EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());
// Report 'style-src'
policy = ContentSecurityPolicy::create();
policy->bindToExecutionContext(document.get());
policy->didReceiveHeader(String("style-src ") + test.policy, ContentSecurityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP);
EXPECT_TRUE(policy->allowInlineStyle(contextURL, String(test.nonce), contextLine, content));
EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());
}
}