Spaces:
Running
Running
File size: 1,206 Bytes
b8cc2bf | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 | import { describe, it, expect } from 'vitest';
import { Window } from 'happy-dom';
import fs from 'fs';
import path from 'path';
import { fileURLToPath } from 'url';
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
describe('Content Security Policy', () => {
it('should be present in index.html', () => {
const htmlPath = path.resolve(__dirname, '../index.html');
const html = fs.readFileSync(htmlPath, 'utf-8');
const window = new Window();
const document = window.document;
document.write(html);
const meta = document.querySelector('meta[http-equiv="Content-Security-Policy"]');
expect(meta).not.toBeNull();
const content = meta?.getAttribute('content') || '';
// Check for critical directives
expect(content).toContain("default-src 'self'");
expect(content).toContain("script-src 'self'");
expect(content).toContain("object-src 'none'");
// Check specific allowances
expect(content).toContain('https://huggingface.co');
expect(content).toContain('https://*.hf.co');
expect(content).toContain('blob:'); // For workers
expect(content).toContain("worker-src 'self' blob:");
});
});
|