getRequest()->setMethod('GET'); $this->dispatch('csputil/csp/aware'); $header = $this->getResponse()->getHeader('Content-Security-Policy'); $this->assertNotEmpty($header); $this->assertStringContainsString( 'script-src https://controller.magento.com' .' \'self\' \'sha256-H4RRnauTM2X2Xg/z9zkno1crqhsaY3uKKu97uwmnXXE=\'', $header->getFieldValue() ); } }