From e85d592b2735fb2bb16bd230245b1e9263e64598 Mon Sep 17 00:00:00 2001 From: Sebastian Hengst Date: Tue, 14 May 2024 17:56:39 +0200 Subject: [PATCH] Bug 1896687 - remove CSP dictionary from test because app only forwards browser-generated CSP reports to reporting endpoint --- tests/webapp/api/test_csp_report.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/tests/webapp/api/test_csp_report.py b/tests/webapp/api/test_csp_report.py index 590ad508d36..afc7187e198 100644 --- a/tests/webapp/api/test_csp_report.py +++ b/tests/webapp/api/test_csp_report.py @@ -7,11 +7,10 @@ def test_valid_report(client): """Tests that a correctly formed CSP violation report is accepted when unauthenticated.""" valid_report = { "csp-report": { - "blocked-uri": "https://treestatus.mozilla-releng.net/trees/autoland", - "document-uri": "http://localhost:8000/", - "original-policy": "...", - "referrer": "", - "violated-directive": "connect-src", + # The Content Security Policy report is a dictionary as documented at + # https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP#violation_report_syntax + # The app only forwards the browser-generate CSP report to the + # endpoint for the reports. } } response = client.post(