Skip to content

Commit 491288d

Browse files
bbadawi1bbadawi1
authored
Fix http_util_test by including perfetto url in expected CSP string (#7049)
This is a fix for a unit test breakage introduced in #7048.
1 parent cc9dc89 commit 491288d

1 file changed

Lines changed: 35 additions & 15 deletions

File tree

tensorboard/backend/http_util_test.py

Lines changed: 35 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -229,10 +229,14 @@ def testCsp(self):
229229
q, "<b>hello</b>", "text/html", csp_scripts_sha256s=["abcdefghi"]
230230
)
231231
expected_csp = (
232-
"default-src 'self';font-src 'self' data:;"
233-
"frame-src 'self';img-src 'self' data: blob:;object-src 'none';"
232+
"default-src 'self';"
233+
"font-src 'self' data:;"
234+
"frame-src 'self' https://ui.perfetto.dev;"
235+
"img-src 'self' data: blob:;"
236+
"object-src 'none';"
234237
"style-src 'self' https://www.gstatic.com data: 'unsafe-inline';"
235-
"connect-src 'self';script-src 'self' 'unsafe-eval' 'sha256-abcdefghi'"
238+
"connect-src 'self';"
239+
"script-src 'self' 'unsafe-eval' 'sha256-abcdefghi'"
236240
)
237241
self.assertEqual(r.headers.get("Content-Security-Policy"), expected_csp)
238242

@@ -243,10 +247,14 @@ def testCsp_noHash(self):
243247
q, "<b>hello</b>", "text/html", csp_scripts_sha256s=None
244248
)
245249
expected_csp = (
246-
"default-src 'self';font-src 'self' data:;"
247-
"frame-src 'self';img-src 'self' data: blob:;object-src 'none';"
250+
"default-src 'self';"
251+
"font-src 'self' data:;"
252+
"frame-src 'self' https://ui.perfetto.dev;"
253+
"img-src 'self' data: blob:;"
254+
"object-src 'none';"
248255
"style-src 'self' https://www.gstatic.com data: 'unsafe-inline';"
249-
"connect-src 'self';script-src 'unsafe-eval'"
256+
"connect-src 'self';"
257+
"script-src 'unsafe-eval'"
250258
)
251259
self.assertEqual(r.headers.get("Content-Security-Policy"), expected_csp)
252260

@@ -258,10 +266,14 @@ def testCsp_noHash_noUnsafeEval(self):
258266
q, "<b>hello</b>", "text/html", csp_scripts_sha256s=None
259267
)
260268
expected_csp = (
261-
"default-src 'self';font-src 'self' data:;"
262-
"frame-src 'self';img-src 'self' data: blob:;object-src 'none';"
269+
"default-src 'self';"
270+
"font-src 'self' data:;"
271+
"frame-src 'self' https://ui.perfetto.dev;"
272+
"img-src 'self' data: blob:;"
273+
"object-src 'none';"
263274
"style-src 'self' https://www.gstatic.com data: 'unsafe-inline';"
264-
"connect-src 'self';script-src 'none'"
275+
"connect-src 'self';"
276+
"script-src 'none'"
265277
)
266278
self.assertEqual(r.headers.get("Content-Security-Policy"), expected_csp)
267279

@@ -273,10 +285,14 @@ def testCsp_onlySelf(self):
273285
q, "<b>hello</b>", "text/html", csp_scripts_sha256s=None
274286
)
275287
expected_csp = (
276-
"default-src 'self';font-src 'self' data:;"
277-
"frame-src 'self';img-src 'self' data: blob:;object-src 'none';"
288+
"default-src 'self';"
289+
"font-src 'self' data:;"
290+
"frame-src 'self' https://ui.perfetto.dev;"
291+
"img-src 'self' data: blob:;"
292+
"object-src 'none';"
278293
"style-src 'self' https://www.gstatic.com data: 'unsafe-inline';"
279-
"connect-src 'self';script-src 'self'"
294+
"connect-src 'self';"
295+
"script-src 'self'"
280296
)
281297
self.assertEqual(r.headers.get("Content-Security-Policy"), expected_csp)
282298

@@ -287,10 +303,14 @@ def testCsp_disableUnsafeEval(self):
287303
q, "<b>hello</b>", "text/html", csp_scripts_sha256s=["abcdefghi"]
288304
)
289305
expected_csp = (
290-
"default-src 'self';font-src 'self' data:;"
291-
"frame-src 'self';img-src 'self' data: blob:;object-src 'none';"
306+
"default-src 'self';"
307+
"font-src 'self' data:;"
308+
"frame-src 'self' https://ui.perfetto.dev;"
309+
"img-src 'self' data: blob:;"
310+
"object-src 'none';"
292311
"style-src 'self' https://www.gstatic.com data: 'unsafe-inline';"
293-
"connect-src 'self';script-src 'self' 'sha256-abcdefghi'"
312+
"connect-src 'self';"
313+
"script-src 'self' 'sha256-abcdefghi'"
294314
)
295315
self.assertEqual(r.headers.get("Content-Security-Policy"), expected_csp)
296316

0 commit comments

Comments
 (0)