soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Allow inline style tags and remove Bunny font
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (push) Has been cancelled
Details
tests / ui (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Codex Agent
2026-01-24 23:34:10 +01:00
parent 8414305ea3
commit 84e253b61c
4 changed files with 3 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/Feature/SecurityHeadersTest.php
View File

@@ -37,6 +37,7 @@ class SecurityHeadersTest extends TestCase
$response->assertHeader('Permissions-Policy', 'camera=(), microphone=(), geolocation=()');
$response->assertHeader('Content-Security-Policy');
$response->assertHeaderContains('Content-Security-Policy', "style-src-elem 'self'");
$response->assertHeaderContains('Content-Security-Policy', "'unsafe-inline'; style-src-attr");
$response->assertHeader('Strict-Transport-Security', 'max-age=31536000; includeSubDomains');
$response->assertCookie('XSRF-TOKEN');
@@ -48,6 +49,7 @@ class SecurityHeadersTest extends TestCase
$login->assertOk();
$login->assertHeader('Content-Security-Policy');
$login->assertHeaderContains('Content-Security-Policy', "style-src-elem 'self'");
$login->assertHeaderContains('Content-Security-Policy', "'unsafe-inline'; style-src-attr");
$login->assertHeader('X-Frame-Options', 'SAMEORIGIN');
$login->assertCookie('XSRF-TOKEN');
} finally {