Add meta tag if it doesn't exist (#13)

Add meta tag if it doesn't exist

Author: Daniel-Khodabakhsh

plugin.js

@@ -93,16 +93,26 @@ class CspHtmlWebpackPlugin {
       decodeEntities: false
     });
 
+    let metaTag = $('meta[http-equiv="Content-Security-Policy"]');
+
     // if not enabled, remove the empty tag
     if (!this.isEnabled(htmlPluginData)) {
-      $('meta[http-equiv="Content-Security-Policy"]').remove();
+      metaTag.remove();
 
       // eslint-disable-next-line no-param-reassign
       htmlPluginData.html = $.html();
 
       return compileCb(null, htmlPluginData);
     }
 
+    // Add element if it doesn't exist.
+    if (!metaTag.length) {
+      metaTag = cheerio.load('<meta http-equiv="Content-Security-Policy">')(
+        'meta'
+      );
+      metaTag.appendTo($('head'));
+    }
+
     const policyObj = JSON.parse(JSON.stringify(this.policy));
 
     const inlineSrc = $('script:not([src])')
@@ -120,10 +130,7 @@ class CspHtmlWebpackPlugin {
       inlineStyle
     );
 
-    $('meta[http-equiv="Content-Security-Policy"]').attr(
-      'content',
-      this.buildPolicy(policyObj)
-    );
+    metaTag.attr('content', this.buildPolicy(policyObj));
 
     // eslint-disable-next-line no-param-reassign
     htmlPluginData.html = $.html();

spec/fixtures/with-no-meta-tag.html

@@ -0,0 +1,10 @@
+<!doctype html>
+<html lang="en-US">
+<head>
+    <meta name="author" content="Slack">
+    <title>Slack CSP HTML Webpack Plugin Tests</title>
+</head>
+<body>
+Body
+</body>
+</html>

spec/plugin.spec.js

@@ -286,6 +286,85 @@ describe('CspHtmlWebpackPlugin', () => {
     );
   });
 
+  it('adds meta tag with completed policy when no meta tag is specified', done => {
+    const webpackConfig = {
+      entry: path.join(__dirname, 'fixtures/index.js'),
+      output: {
+        path: OUTPUT_DIR,
+        filename: 'index.bundle.js'
+      },
+      plugins: [
+        new HtmlWebpackPlugin({
+          filename: path.join(OUTPUT_DIR, 'index.html'),
+          template: path.join(__dirname, 'fixtures', 'with-no-meta-tag.html'),
+          inject: 'body'
+        }),
+        new CspHtmlWebpackPlugin({
+          'base-uri': ["'self'", 'https://slack.com'],
+          'object-src': ["'self'"],
+          'script-src': ["'self'"],
+          'style-src': ["'self'"]
+        })
+      ]
+    };
+
+    testCspHtmlWebpackPlugin(
+      webpackConfig,
+      'index.html',
+      (cspPolicy, _, doneFn) => {
+        const expected =
+          "base-uri 'self' https://slack.com;" +
+          " object-src 'self';" +
+          " script-src 'self';" +
+          " style-src 'self'";
+
+        expect(cspPolicy).toEqual(expected);
+
+        doneFn();
+      },
+      done
+    );
+  });
+
+  it('adds meta tag with completed policy when no template is specified', done => {
+    const webpackConfig = {
+      entry: path.join(__dirname, 'fixtures/index.js'),
+      output: {
+        path: OUTPUT_DIR,
+        filename: 'index.bundle.js'
+      },
+      plugins: [
+        new HtmlWebpackPlugin({
+          filename: path.join(OUTPUT_DIR, 'index.html'),
+          inject: 'body'
+        }),
+        new CspHtmlWebpackPlugin({
+          'base-uri': ["'self'", 'https://slack.com'],
+          'object-src': ["'self'"],
+          'script-src': ["'self'"],
+          'style-src': ["'self'"]
+        })
+      ]
+    };
+
+    testCspHtmlWebpackPlugin(
+      webpackConfig,
+      'index.html',
+      (cspPolicy, _, doneFn) => {
+        const expected =
+          "base-uri 'self' https://slack.com;" +
+          " object-src 'self';" +
+          " script-src 'self';" +
+          " style-src 'self'";
+
+        expect(cspPolicy).toEqual(expected);
+
+        doneFn();
+      },
+      done
+    );
+  });
+
   it('throws an error if an invalid hashing method is used', () => {
     expect(() => {
       // eslint-disable-next-line no-new