public static void CheckSameSite(this AppendCookieContext context)
{
if (context.CookieOptions.SameSite == SameSiteMode.None)
{
var userAgent = context.Context.Request.Headers["User-Agent"].ToString();
if (DisallowsSameSiteNone(userAgent))
{
context.CookieOptions.SameSite = SameSiteMode.Unspecified;
}
}
}
public void HandleSameSiteCookieCompatibility_CustomFilter_ExecutesSuccessfully(SameSiteMode initialSameSiteMode, SameSiteMode expectedSameSiteMode, bool expectedEventCalled, string userAgent)
{
_httpContext.Request.Headers.Add(Constants.UserAgent, userAgent);
var appendCookieOptions = new CookieOptions()
{
SameSite = initialSameSiteMode
};
var deleteCookieOptions = new CookieOptions()
{
SameSite = initialSameSiteMode
};
var appendCookieContext = new AppendCookieContext(_httpContext, appendCookieOptions, _cookieName, _cookieValue);
var deleteCookieContext = new DeleteCookieContext(_httpContext, deleteCookieOptions, _cookieName);
var appendEventCalled = false;
var deleteEventCalled = false;
_cookiePolicyOptions.HandleSameSiteCookieCompatibility((userAgent) =>
{
appendEventCalled = true;
return(CookiePolicyOptionsExtensions.DisallowsSameSiteNone(userAgent));
});
Assert.Equal(SameSiteMode.Unspecified, _cookiePolicyOptions.MinimumSameSitePolicy);
_cookiePolicyOptions.OnAppendCookie(appendCookieContext);
Assert.Equal(expectedSameSiteMode, appendCookieOptions.SameSite);
Assert.Equal(expectedEventCalled, appendEventCalled);
_cookiePolicyOptions.HandleSameSiteCookieCompatibility((userAgent) =>
{
deleteEventCalled = true;
return(CookiePolicyOptionsExtensions.DisallowsSameSiteNone(userAgent));
});
_cookiePolicyOptions.OnDeleteCookie(deleteCookieContext);
Assert.Equal(expectedSameSiteMode, deleteCookieOptions.SameSite);
Assert.Equal(expectedEventCalled, deleteEventCalled);
}
public void HandleSameSiteCookieCompatibility_Default_ExecutesSuccessfully(SameSiteMode initialSameSiteMode, SameSiteMode expectedSameSiteMode, string userAgent)
{
_httpContext.Request.Headers.Add(_userAgentHeaderName, userAgent);
var appendCookieOptions = new CookieOptions()
{
SameSite = initialSameSiteMode
};
var deleteCookieOptions = new CookieOptions()
{
SameSite = initialSameSiteMode
};
var appendCookieContext = new AppendCookieContext(_httpContext, appendCookieOptions, _cookieName, _cookieValue);
var deleteCookieContext = new DeleteCookieContext(_httpContext, deleteCookieOptions, _cookieName);
_cookiePolicyOptions.HandleSameSiteCookieCompatibility();
Assert.Equal(SameSiteMode.Unspecified, _cookiePolicyOptions.MinimumSameSitePolicy);
_cookiePolicyOptions.OnAppendCookie(appendCookieContext);
Assert.Equal(expectedSameSiteMode, appendCookieOptions.SameSite);
_cookiePolicyOptions.OnDeleteCookie(deleteCookieContext);
Assert.Equal(expectedSameSiteMode, deleteCookieOptions.SameSite);
}
