content-security-policy 0.8.0

Will parse and validate Content-Security-Policy level 3
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

extern crate content_security_policy;
use content_security_policy::sandboxing_directive::SandboxingFlagSet;
use content_security_policy::*;

#[test]
fn sandbox_document_flags() {
    let policy = CspList::parse("sandbox", PolicySource::Header, PolicyDisposition::Enforce);
    assert_eq!(
        Some(SandboxingFlagSet::all()),
        policy.get_sandboxing_flag_set_for_document()
    );
    let policy = CspList::parse(
        "sandbox allow-popups",
        PolicySource::Header,
        PolicyDisposition::Enforce,
    );
    assert_eq!(
        Some(
            SandboxingFlagSet::all()
                ^ SandboxingFlagSet::SANDBOXED_AUXILIARY_NAVIGATION_BROWSING_CONTEXT_FLAG
                ^ SandboxingFlagSet::SANBOXED_CUSTOM_PROTOCOLS_NAVIGATION_BROWSING_CONTEXT_FLAG
        ),
        policy.get_sandboxing_flag_set_for_document()
    );
    let policy = CspList::parse(
        "sandbox allow-forms",
        PolicySource::Header,
        PolicyDisposition::Enforce,
    );
    assert_eq!(
        Some(SandboxingFlagSet::all() ^ SandboxingFlagSet::SANDBOXED_FORMS_BROWSING_CONTEXT_FLAG),
        policy.get_sandboxing_flag_set_for_document()
    );
    let policy = CspList::parse(
        "sandbox allow-downloads",
        PolicySource::Header,
        PolicyDisposition::Enforce,
    );
    assert_eq!(
        Some(
            SandboxingFlagSet::all() ^ SandboxingFlagSet::SANDBOXED_DOWNLOADS_BROWSING_CONTEXT_FLAG
        ),
        policy.get_sandboxing_flag_set_for_document()
    );
    let policy = CspList::parse(
        "sandbox; connect-src https://*.notriddle.com:443",
        PolicySource::Header,
        PolicyDisposition::Enforce,
    );
    assert_eq!(
        Some(SandboxingFlagSet::all()),
        policy.get_sandboxing_flag_set_for_document()
    );
    let policy = CspList::parse(
        "sandbox allow-popups; connect-src https://*.notriddle.com:443",
        PolicySource::Header,
        PolicyDisposition::Enforce,
    );
    assert_eq!(
        Some(
            SandboxingFlagSet::all()
                ^ SandboxingFlagSet::SANDBOXED_AUXILIARY_NAVIGATION_BROWSING_CONTEXT_FLAG
                ^ SandboxingFlagSet::SANBOXED_CUSTOM_PROTOCOLS_NAVIGATION_BROWSING_CONTEXT_FLAG
        ),
        policy.get_sandboxing_flag_set_for_document()
    );
    let policy = CspList::parse(
        "connect-src https://*.notriddle.com:443",
        PolicySource::Header,
        PolicyDisposition::Enforce,
    );
    assert_eq!(None, policy.get_sandboxing_flag_set_for_document());
}