mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
92922288dd
Added iframe CSP headers with configuration via .env. Updated session cookies to be lax by default, dynamically changing to none when iframes configured to allow third-party control. Updated cookie security to be auto-secure if a https APP_URL is set. Related to #2427 and #2207.
60 lines
2.6 KiB
XML
60 lines
2.6 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<phpunit backupGlobals="false"
|
|
backupStaticAttributes="false"
|
|
bootstrap="vendor/autoload.php"
|
|
colors="true"
|
|
convertErrorsToExceptions="true"
|
|
convertNoticesToExceptions="true"
|
|
convertWarningsToExceptions="true"
|
|
processIsolation="false"
|
|
stopOnFailure="false">
|
|
<testsuites>
|
|
<testsuite name="Application Test Suite">
|
|
<directory>./tests/</directory>
|
|
</testsuite>
|
|
</testsuites>
|
|
<filter>
|
|
<whitelist>
|
|
<directory suffix=".php">app/</directory>
|
|
</whitelist>
|
|
</filter>
|
|
<php>
|
|
<server name="APP_ENV" value="testing"/>
|
|
<server name="APP_DEBUG" value="false"/>
|
|
<server name="APP_LANG" value="en"/>
|
|
<server name="APP_THEME" value="none"/>
|
|
<server name="APP_AUTO_LANG_PUBLIC" value="true"/>
|
|
<server name="APP_URL" value="http://bookstack.dev"/>
|
|
<server name="ALLOWED_IFRAME_HOSTS" value=""/>
|
|
<server name="CACHE_DRIVER" value="array"/>
|
|
<server name="SESSION_DRIVER" value="array"/>
|
|
<server name="QUEUE_CONNECTION" value="sync"/>
|
|
<server name="DB_CONNECTION" value="mysql_testing"/>
|
|
<server name="BCRYPT_ROUNDS" value="4"/>
|
|
<server name="MAIL_DRIVER" value="array"/>
|
|
<server name="LOG_CHANNEL" value="single"/>
|
|
<server name="AUTH_METHOD" value="standard"/>
|
|
<server name="DISABLE_EXTERNAL_SERVICES" value="true"/>
|
|
<server name="AVATAR_URL" value=""/>
|
|
<server name="LDAP_VERSION" value="3"/>
|
|
<server name="SESSION_SECURE_COOKIE" value="null"/>
|
|
<server name="STORAGE_TYPE" value="local"/>
|
|
<server name="STORAGE_ATTACHMENT_TYPE" value="local"/>
|
|
<server name="STORAGE_IMAGE_TYPE" value="local"/>
|
|
<server name="GITHUB_APP_ID" value="aaaaaaaaaaaaaa"/>
|
|
<server name="GITHUB_APP_SECRET" value="aaaaaaaaaaaaaa"/>
|
|
<server name="GITHUB_AUTO_REGISTER" value=""/>
|
|
<server name="GITHUB_AUTO_CONFIRM_EMAIL" value=""/>
|
|
<server name="GOOGLE_APP_ID" value="aaaaaaaaaaaaaa"/>
|
|
<server name="GOOGLE_APP_SECRET" value="aaaaaaaaaaaaaa"/>
|
|
<server name="GOOGLE_AUTO_REGISTER" value=""/>
|
|
<server name="GOOGLE_AUTO_CONFIRM_EMAIL" value=""/>
|
|
<server name="GOOGLE_SELECT_ACCOUNT" value=""/>
|
|
<server name="DEBUGBAR_ENABLED" value="false"/>
|
|
<server name="SAML2_ENABLED" value="false"/>
|
|
<server name="API_REQUESTS_PER_MIN" value="180"/>
|
|
<server name="LOG_FAILED_LOGIN_MESSAGE" value=""/>
|
|
<server name="LOG_FAILED_LOGIN_CHANNEL" value="testing"/>
|
|
</php>
|
|
</phpunit>
|