-
Notifications
You must be signed in to change notification settings - Fork 36
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: STRF-11673 Add nonce helper (#299)
- Loading branch information
Showing
6 changed files
with
88 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
'use strict'; | ||
|
||
const factory = globals => { | ||
return function() { | ||
const params = globals.getRequestParams(); | ||
if (params && params.security && params.security.nonce) { | ||
return ` nonce="${params.security.nonce}"`; | ||
} | ||
return '' | ||
}; | ||
}; | ||
|
||
module.exports = [{ | ||
name: 'nonce', | ||
factory: factory, | ||
}]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
const Lab = require('lab'); | ||
const lab = exports.lab = Lab.script(); | ||
const { describe, it} = lab; | ||
const {testRunner, buildRenderer, randomString} = require('../spec-helpers'); | ||
|
||
describe('nonce helper', function () { | ||
const context = {} | ||
|
||
it('should render a nonce html attribute with the correct value from request params', function (done) { | ||
const requestParams = { | ||
security: { | ||
nonce: randomString() | ||
}, | ||
} | ||
const renderer = buildRenderer({}, {}, {}, null, requestParams); | ||
const runTestCases = testRunner({context, renderer}); | ||
runTestCases([ | ||
{ | ||
input: '{{nonce}}', | ||
output: ' nonce="' + requestParams.security.nonce + '"', | ||
}, | ||
], done); | ||
}); | ||
|
||
it('should not render a nonce since request param is empty', function (done) { | ||
const requestParams = { | ||
security: {}, | ||
} | ||
const renderer = buildRenderer({}, {}, {}, null, requestParams); | ||
const runTestCases = testRunner({context, renderer}); | ||
runTestCases([ | ||
{ | ||
input: '{{nonce}}', | ||
output: '', | ||
}, | ||
], done); | ||
}); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters