e-ticket/tests/Controller/CspReportControllerTest.php
Serreau Jovann af8bbc24dc Add homepage, tarifs, legal pages, navbar, footer and full test coverage
- Homepage: hero, how it works (buyer/organizer), features, CTA
- Tarifs: 3 plans (Gratuit, Basique 10€, Sur-mesure), JSON-LD Product
- Legal pages: mentions legales, CGU (tabs buyer/organizer), CGV, RGPD, cookies, hosting
- Navbar: neubrutalism style, logo liip, mobile menu, SEO attributes
- Footer: contact, description, legal links, tarifs
- Sitemap: add /tarifs and /sitemap-orgas-{page}.xml
- Liip Imagine: remove S3, webp format on all filters
- Tests: full coverage for all controllers, services, repositories
- Fix CSP: replace inline onclick with data-tab JS

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 00:01:58 +01:00


<?php
namespace App\Tests\Controller;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
use Symfony\Component\Mailer\MailerInterface;
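/**
 * Functional tests for the CSP violation report endpoint (POST /my-csp-report).
 *
 * Covered cases: an empty body is rejected with 400; a report whose source
 * file is a browser-extension URL, a report from an external origin, and a
 * report sent while the mailer throws all answer 204.
 *
 * NOTE(review): the requests carry no credentials, so the endpoint is fed
 * input any client can send. Only the empty body is exercised as invalid
 * input; syntactically broken JSON, a body without the "csp-report" key and
 * non-string field values are not covered in this file.
 *
 * NOTE(review): the ignored and the processed report both answer 204, so the
 * status code alone cannot tell the two paths apart. The controller is not
 * visible from here; if it sends one e-mail per accepted report, confirm that
 * it deduplicates or rate-limits, and assert on that side effect in a test.
 */
class CspReportControllerTest extends WebTestCase
{
    /** Path the reports are posted to. */
    private const REPORT_PATH = '/my-csp-report';

    /** Server parameters declaring a JSON request body. */
    private const JSON_SERVER = ['CONTENT_TYPE' => 'application/json'];

    /**
     * An empty request body must be rejected with 400 Bad Request.
     */
    public function testInvalidPayloadReturnsBadRequest(): void
    {
        $client = static::createClient();

        $client->request('POST', self::REPORT_PATH, [], [], self::JSON_SERVER, '');

        self::assertResponseStatusCodeSame(400);
    }

    /**
     * A violation whose source file is a chrome-extension:// URL is answered with 204.
     */
    public function testBrowserExtensionViolationIsIgnored(): void
    {
        $client = static::createClient();
        $body = self::reportBody('chrome-extension://abc', 'inline', 'https://e-cosplay.fr/');

        $client->request('POST', self::REPORT_PATH, [], [], self::JSON_SERVER, $body);

        self::assertResponseStatusCodeSame(204);
    }

    /**
     * A violation caused by a script from an external origin is answered with 204.
     */
    public function testRealViolationIsProcessed(): void
    {
        $client = static::createClient();
        $body = self::reportBody('https://evil.com/script.js', 'https://evil.com', 'https://e-cosplay.fr/page');

        $client->request('POST', self::REPORT_PATH, [], [], self::JSON_SERVER, $body);

        self::assertResponseStatusCodeSame(204);
    }

    /**
     * A mailer that throws must not turn the report response into an error.
     */
    public function testRealViolationHandlesMailerFailure(): void
    {
        // The client is created first: it boots the kernel whose container is patched below.
        $client = static::createClient();

        // Requiring at least one send() call proves the failing mailer was really
        // reached; a plain stub would let the test pass even if the mock was never
        // wired into the controller, leaving the failure path unexercised.
        $mailer = $this->createMock(MailerInterface::class);
        $mailer->expects(self::atLeastOnce())
            ->method('send')
            ->willThrowException(new \RuntimeException('SMTP down'));
        static::getContainer()->set(MailerInterface::class, $mailer);

        $body = self::reportBody('https://evil.com/script.js', 'https://evil.com', 'https://e-cosplay.fr/page');

        $client->request('POST', self::REPORT_PATH, [], [], self::JSON_SERVER, $body);

        self::assertResponseStatusCodeSame(204);
    }

    /**
     * Builds the JSON body of a script-src violation report.
     *
     * @param string $sourceFile  value of the "source-file" field
     * @param string $blockedUri  value of the "blocked-uri" field
     * @param string $documentUri value of the "document-uri" field
     *
     * @throws \JsonException if the report cannot be encoded
     */
    private static function reportBody(string $sourceFile, string $blockedUri, string $documentUri): string
    {
        // JSON_THROW_ON_ERROR keeps an encoding failure from reaching the
        // client as `false`, which would silently become an empty body.
        return json_encode([
            'csp-report' => [
                'source-file' => $sourceFile,
                'blocked-uri' => $blockedUri,
                'document-uri' => $documentUri,
                'violated-directive' => 'script-src',
            ],
        ], JSON_THROW_ON_ERROR);
    }
}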