]j"^ddlmZddlZddlZddlmZddlmZddlm Z ddl m Z d`dZ dZ d Ze eejZed d g d Zed gdZed gdZed gdZed gdZed gdZed gdZed gdZed gdZed gdZed g d!Zed g"d#Zed g$d%Zed g&d'Zed(g)d*Zeg)d+Z ed,-d.Z!eed,-d/Z"ed01d2Z#ed gd3Z$d4Z%ed gd5Z&d6Z'd7Z(ed8d9Z)ed8d:Z*ed g;d<Z+ed g=d>Z,ed g?d@Z-ed gAdBZ.ed gCdDZ/ed gEdFZ0ed gGdHZ1edIgJdKZ2edLgMdNZ3edOgPdQZ4egdRSdTZ5edUVdWZ6edUXdYZ7dZZ8ed[d\g]d^Z9ed_Z:y)a)absolute_importN)settings)override_settings)lazy build_policyct|jd}t|jd}||k(s J|||fzy)Nz; )sortedsplit)abmsgparts_aparts_bs >/root/env/lib/python3.12/site-packages/csp/tests/test_utils.py policy_eqr sAQWWT]#GQWWT]#G g +saV|+ c&t}d|k(sJy)Nzdefault-src 'self'rpolicys rtest_empty_policyrs ^F 6 )) )rc|S)N)ss rliteralrs Hr example.com example2.com)CSP_DEFAULT_SRCc&t}d|k(sJy)Nz$default-src example.com example2.comrrs rtest_default_srcr s ^F 1V ;; ;r)CSP_SCRIPT_SRCc0t}td|y)Nz*default-src 'self'; script-src example.comrrrs rtest_script_srcr$$ ^F :FCr)CSP_SCRIPT_SRC_ATTRc0t}td|y)Nz/default-src 'self'; script-src-attr example.comr#rs rtest_script_src_attrr(* ^F ?Hr)CSP_SCRIPT_SRC_ELEMc0t}td|y)Nz/default-src 'self'; script-src-elem example.comr#rs rtest_script_src_elemr,0r)r)CSP_OBJECT_SRCc0t}td|y)Nz*default-src 'self'; object-src example.comr#rs rtest_object_srcr/6r%r)CSP_PREFETCH_SRCc0t}td|y)Nz,default-src 'self'; prefetch-src example.comr#rs rtest_prefetch_srcr2< ^F Gr)CSP_STYLE_SRC_ELEMc0t}td|y)Nz.default-src 'self'; style-src-elem example.comr#rs rtest_style_src_elemr>Nr;r) CSP_IMG_SRCc0t}td|y)N'default-src 'self'; img-src example.comr#rs r test_img_srcrBTs ^F 7@r) CSP_MEDIA_SRCc0t}td|y)Nz)default-src 'self'; media-src example.comr#rs rtest_media_srcrEZr7r) CSP_FRAME_SRCc0t}td|y)Nz)default-src 'self'; frame-src example.comr#rs rtest_frame_srcrH`r7r) CSP_FONT_SRCc0t}td|y)Nz(default-src 'self'; font-src example.comr#rs r test_font_srcrKf ^F 8&Ar)CSP_CONNECT_SRCc0t}td|y)Nz+default-src 'self'; connect-src example.comr#rs rtest_connect_srcrOl ^F ;VDrz allow-scripts) CSP_SANDBOXc0t}td|y)Nz)default-src 'self'; sandbox allow-scriptsr#rs r test_sandboxrSrr7rc0t}td|y)Nzdefault-src 'self'; sandboxr#rs rtest_sandbox_emptyrUxs ^F +V4rz/foo)CSP_REPORT_URIc0t}td|yNz#default-src 'self'; report-uri /foor#rs rtest_report_urirY~ ^F 3VF 8&Arc8tddi}td|y)z7replace should work even if the setting is not defined.rbrrjrANr#rs rtest_replace_missing_settingros 9m"< =F 7@rc>tdgdgd}td|y)Nz'none'z'self')z default-srcrb)configz"default-src 'none'; img-src 'self'r#rs r test_configrrs$  (zxjACF 2F;r)rc8tddi}td|y)z GitHub issue #40 - given project settings as a tuple, and an update/replace with a string, concatenate correctly. rbrrcreNr#rs rtest_update_stringrts! )^!< =F Drc8tddi}td|y)zG Demonstrate that GitHub issue #40 doesn't affect replacements rbrrjrlNr#rs rtest_replace_stringrvs! 9n"= >F 8r)CSP_FORM_ACTIONc0t}td|y)Nz+default-src 'self'; form-action example.comr#rs rtest_form_actionryrPr) CSP_BASE_URIc0t}td|y)Nz(default-src 'self'; base-uri example.comr#rs r test_base_urir|rLr) CSP_CHILD_SRCctjt5t}t d|dddy#1swYyxYw)Nz)default-src 'self'; child-src example.com)pytestwarnsDeprecationWarningrrrs rtest_child_srcrs: ( )G=vFGGGs :A)CSP_FRAME_ANCESTORSc0t}td|y)Nz/default-src 'self'; frame-ancestors example.comr#rs rtest_frame_ancestorsrr)r)CSP_NAVIGATE_TOc0t}td|y)Nz+default-src 'self'; navigate-to example.comr#rs rtest_navigate_torrPr)CSP_MANIFEST_SRCc0t}td|y)Nz,default-src 'self'; manifest-src example.comr#rs rtest_manifest_srcrr3r)CSP_WORKER_SRCc0t}td|y)Nz*default-src 'self'; worker-src example.comr#rs rtest_worker_srcrr%rzapplication/pdf)CSP_PLUGIN_TYPESc0t}td|y)Nz0default-src 'self'; plugin-types application/pdfr#rs rtest_plugin_typesrs ^F @&Irscript)CSP_REQUIRE_SRI_FORc0t}td|y)Nz*default-src 'self'; require-sri-for scriptr#rs rtest_require_sri_forrr%rz'script')CSP_REQUIRE_TRUSTED_TYPES_FORc0t}td|y)Nz6default-src 'self'; require-trusted-types-for 'script'r#rs rtest_require_trusted_types_forrs ^F FOr) strictPolicy laxPolicydefaultz'allow-duplicates')CSP_TRUSTED_TYPESc0t}td|y)NzSdefault-src 'self'; trusted-types strictPolicy laxPolicy default 'allow-duplicates'r#rs rtest_trusted_typesrs^F -.46rT)CSP_UPGRADE_INSECURE_REQUESTSc0t}td|y)Nz-default-src 'self'; upgrade-insecure-requestsr#rs rtest_upgrade_insecure_requestsr s ^F =vFr)CSP_BLOCK_ALL_MIXED_CONTENTc0t}td|y)Nz+default-src 'self'; block-all-mixed-contentr#rs rtest_block_all_mixed_contentrrPrc4td}td|yNabc123noncez!default-src 'self' 'nonce-abc123'r#rs r test_noncers  )F 16:rz script-srcz style-src)CSP_INCLUDE_NONCE_INc4td}td|y)NrrzGdefault-src 'self'; script-src 'nonce-abc123'; style-src 'nonce-abc123'r#rs rtest_nonce_include_inrs  )F *,24rc@t`td}td|yr)rrrrrs rtest_nonce_include_in_absentr#s%  )F 16:r)z%r != %r); __future__rrsix django.confrdjango.test.utilsrdjango.utils.functionalr csp.utilsrrrr text_type lazy_literalr r$r(r,r/r2r6r:r>rBrErHrKrOrSrUrYr\r`rfrhrmrorrrtrvryr|rrrrrrrrrrrrrrrrrrs& /(", *  GS]]+ M>#BC<D< =/2D3D  7I8I  7I8I =/2D3D ]O4F5F -1C2C }o6H7H }o6H7H  /A0A -1C2C -1C2C 0B1B M?3E4E 01C2C r"5#5 &)=*= ,v"67=8= 12  /0 A  /B0B A < /01/01M?3E4E 0B1B -1G2G  7I8I M?3E4E ]O4F5F =/2D3D %6$78J9J z2D3D *>P?P &GH6H6 6G7G t4E5E ; {(CD4E4;;r