| 123456789101112131415161718192021222324252627282930 |
- # frozen_string_literal: true
- require 'rails_helper'
- describe 'Remote Interaction Helper' do
- describe 'GET /remote_interaction_helper' do
- it 'returns http success' do
- get remote_interaction_helper_path
- expect(response)
- .to have_http_status(200)
- .and render_template(:index, layout: 'helper_frame')
- .and have_attributes(
- headers: include(
- 'X-Frame-Options' => 'SAMEORIGIN',
- 'Referrer-Policy' => 'no-referrer',
- 'Content-Security-Policy' => expected_csp_headers
- )
- )
- end
- end
- private
- def expected_csp_headers
- <<~CSP.squish
- default-src 'none'; frame-ancestors 'self'; form-action 'none'; script-src 'self' https://cb6e6126.ngrok.io 'wasm-unsafe-eval'; connect-src https:
- CSP
- end
- end
|
