e-ticket/tests/Controller/CspReportControllerTest.php
Serreau Jovann dc3d464b17 Add PHPUnit tests with coverage for all src classes
- 21 test files covering controllers, services, entities, enums, messages
- CI: add test job with Xdebug coverage (clover + text)
- SonarQube: configure coverage report path and test sources

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:50:23 +01:00


<?php
namespace App\Tests\Controller;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
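/**
 * Functional tests for the CSP violation report endpoint.
 *
 * Each test boots a fresh kernel client, POSTs a body to the report URI with a
 * JSON content type, and checks the HTTP status code of the response.
 */
class CspReportControllerTest extends WebTestCase
{
    /** URI the tests post CSP reports to. */
    private const REPORT_URI = '/my-csp-report';

    /**
     * An empty request body is not a usable report and must be rejected.
     */
    public function testInvalidPayloadReturnsBadRequest(): void
    {
        $this->postReport('');

        self::assertResponseStatusCodeSame(400);
    }

    /**
     * A report whose source file is a browser-extension URL is answered with 204.
     *
     * NOTE(review): testRealViolationIsProcessed asserts the same 204, so the
     * status code alone cannot tell an ignored report from a processed one. If
     * the controller is meant to drop extension noise, assert here that the
     * downstream side effect (whatever the controller does with a real report)
     * did NOT happen; confirm against the controller.
     */
    public function testBrowserExtensionViolationIsIgnored(): void
    {
        $this->postReport(self::encodeReport([
            'source-file' => 'chrome-extension://abc',
            'blocked-uri' => 'inline',
            'document-uri' => 'https://e-cosplay.fr/',
            'violated-directive' => 'script-src',
        ]));

        self::assertResponseStatusCodeSame(204);
    }

    /**
     * A report naming a third-party script origin is answered with 204.
     *
     * NOTE(review): only the status code is checked. To prove the report was
     * actually processed, also assert on the observable side effect of
     * processing; confirm against the controller what that effect is.
     */
    public function testRealViolationIsProcessed(): void
    {
        $this->postReport(self::encodeReport([
            'source-file' => 'https://evil.com/script.js',
            'blocked-uri' => 'https://evil.com',
            'document-uri' => 'https://e-cosplay.fr/page',
            'violated-directive' => 'script-src',
        ]));

        self::assertResponseStatusCodeSame(204);
    }

    /**
     * Wraps report fields in the "csp-report" envelope and serialises them.
     *
     * JSON_THROW_ON_ERROR makes an encoding failure fail the test loudly rather
     * than passing `false` on as the request body.
     *
     * @param array<string, string> $report fields of the violation report
     *
     * @throws \JsonException when the fixture cannot be encoded
     */
    private static function encodeReport(array $report): string
    {
        return json_encode(['csp-report' => $report], JSON_THROW_ON_ERROR);
    }

    /**
     * Creates a client and POSTs the given raw body as application/json.
     */
    private function postReport(string $body): void
    {
        $client = static::createClient();
        $client->request('POST', self::REPORT_URI, [], [], [
            'CONTENT_TYPE' => 'application/json',
        ], $body);
    }
}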