From 8e98f39d9ff865be2f54ef77700eb2ae749d11d7 Mon Sep 17 00:00:00 2001
From: Kane York <kanepyork@gmail.com>
Date: Tue, 17 Mar 2020 15:23:46 -0700
Subject: [PATCH] Add spec for CSP subfolder

---
 spec/lib/content_security_policy_spec.rb | 29 ++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/spec/lib/content_security_policy_spec.rb b/spec/lib/content_security_policy_spec.rb
index 593ae9d1c0c..85b8c31e3a9 100644
--- a/spec/lib/content_security_policy_spec.rb
+++ b/spec/lib/content_security_policy_spec.rb
@@ -99,6 +99,35 @@ describe ContentSecurityPolicy do
         http://test.localhost/extra-locales/
       ])
     end
+
+    it 'adds subfolder to CDN assets' do
+      set_cdn_url('https://cdn.com')
+      set_subfolder('/forum')
+
+      script_srcs = parse(policy)['script-src']
+      expect(script_srcs).to include(*%w[
+        https://cdn.com/forum/assets/
+        https://cdn.com/forum/brotli_asset/
+        https://cdn.com/forum/highlight-js/
+        https://cdn.com/forum/javascripts/
+        https://cdn.com/forum/plugins/
+        https://cdn.com/forum/theme-javascripts/
+        http://test.localhost/forum/extra-locales/
+      ])
+
+      global_setting(:s3_cdn_url, 'https://s3-cdn.com')
+
+      script_srcs = parse(policy)['script-src']
+      expect(script_srcs).to include(*%w[
+        https://s3-cdn.com/assets/
+        https://s3-cdn.com/brotli_asset/
+        https://cdn.com/forum/highlight-js/
+        https://cdn.com/forum/javascripts/
+        https://cdn.com/forum/plugins/
+        https://cdn.com/forum/theme-javascripts/
+        http://test.localhost/forum/extra-locales/
+      ])
+    end
   end
 
   it 'can be extended by plugins' do