package io.vertx.ext.web.tests.handler;

import io.vertx.core.http.HttpMethod;
import io.vertx.ext.web.handler.CSPHandler;
import io.vertx.ext.web.tests.WebTestBase;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/web/tests/handler/CSPHandlerTest.class */
public class CSPHandlerTest extends WebTestBase {
    @Test
    public void testCSPDefault() throws Exception {
        this.router.route().handler(CSPHandler.create());
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            assertEquals("default-src 'self'", httpClientResponse.getHeader("Content-Security-Policy"));
        }, 200, "OK", null);
    }

    @Test
    public void testCSPCustom() throws Exception {
        this.router.route().handler(CSPHandler.create().addDirective("default-src", "*.trusted.com"));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            assertEquals("default-src 'self' *.trusted.com", httpClientResponse.getHeader("Content-Security-Policy"));
        }, 200, "OK", null);
    }

    @Test
    public void testCSPMulti() throws Exception {
        this.router.route().handler(CSPHandler.create().addDirective("img-src", "*").addDirective("media-src", "media1.com media2.com").addDirective("script-src", "userscripts.example.com"));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            assertEquals("default-src 'self'; img-src *; media-src media1.com media2.com; script-src userscripts.example.com", httpClientResponse.getHeader("Content-Security-Policy"));
        }, 200, "OK", null);
    }

    @Test
    public void testCSPReporting() throws Exception {
        this.router.route().handler(CSPHandler.create().setReportOnly(true).addDirective("report-uri", "http://reportcollector.example.com/collector.cgi"));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            assertEquals("default-src 'self'; report-uri http://reportcollector.example.com/collector.cgi", httpClientResponse.getHeader("Content-Security-Policy-Report-Only"));
        }, 200, "OK", null);
    }

    @Test
    public void testCSPReportingWithoutUri() throws Exception {
        this.router.route().handler(CSPHandler.create().setReportOnly(true));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", 500, "Internal Server Error");
    }
}
