From a6d446e6a73abb687f8f3a2b08cf0c955b6049dc Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 21 Nov 2023 05:28:55 -0500 Subject: [PATCH] Add coverage for `remote_interaction_helper` (#28002) --- .../remote_interaction_helper_spec.rb | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 spec/requests/remote_interaction_helper_spec.rb diff --git a/spec/requests/remote_interaction_helper_spec.rb b/spec/requests/remote_interaction_helper_spec.rb new file mode 100644 index 000000000..e6364fe8c --- /dev/null +++ b/spec/requests/remote_interaction_helper_spec.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +require 'rails_helper' + +describe 'Remote Interaction Helper' do + describe 'GET /remote_interaction_helper' do + it 'returns http success' do + get remote_interaction_helper_path + + expect(response) + .to have_http_status(200) + .and render_template(:index, layout: 'helper_frame') + .and have_attributes( + headers: include( + 'X-Frame-Options' => 'SAMEORIGIN', + 'Referrer-Policy' => 'no-referrer', + 'Content-Security-Policy' => expected_csp_headers + ) + ) + end + end + + private + + def expected_csp_headers + <<~CSP.squish + default-src 'none'; frame-ancestors 'self'; form-action 'none'; script-src 'self' https://cb6e6126.ngrok.io 'wasm-unsafe-eval'; connect-src https: + CSP + end +end