Bug 1896687 - remove CSP dictionary from test because app only forwar…

…ds browser-generated CSP reports to reporting endpoint
mozilla · May 14, 2024 · e85d592 · e85d592
1 parent 3b40cf7
commit e85d592
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/tests/webapp/api/test_csp_report.py b/tests/webapp/api/test_csp_report.py
@@ -7,11 +7,10 @@ def test_valid_report(client):
     """Tests that a correctly formed CSP violation report is accepted when unauthenticated."""
     valid_report = {
         "csp-report": {
-            "blocked-uri": "https://treestatus.mozilla-releng.net/trees/autoland",
-            "document-uri": "http://localhost:8000/",
-            "original-policy": "...",
-            "referrer": "",
-            "violated-directive": "connect-src",
+            # The Content Security Policy report is a dictionary as documented at
+            # https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP#violation_report_syntax
+            # The app only forwards the browser-generate CSP report to the
+            # endpoint for the reports.
         }
     }
     response = client.post(