protected CspBlockAllMixedContentAttributeBase()
{
_directive = new CspMixedContentOverride {
Enabled = true
};
_configurationOverrideHelper = new CspConfigurationOverrideHelper();
_headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
}
public void GetOverridenCspMixedContentConfig_EnableOverride_OverridesEnabled(bool expectedResult)
{
var directiveConfig = new CspMixedContentDirectiveConfiguration {
Enabled = !expectedResult
};
var directiveOverride = new CspMixedContentOverride {
Enabled = expectedResult
};
var newConfig = _overrideHelper.GetOverridenCspMixedContentConfig(directiveOverride, directiveConfig);
Assert.Equal(expectedResult, newConfig.Enabled);
}
public void SetCspMixedContentOverride(IHttpContextWrapper context, CspMixedContentOverride config, Boolean reportOnly)
{
var overrides = _contextConfigurationHelper.GetCspConfigurationOverride(context, reportOnly, false);
var directiveToOverride = overrides.MixedContentDirective;
if (directiveToOverride == null)
{
var baseConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly);
directiveToOverride = _configMapper.GetCspMixedContentConfigCloned(baseConfig);
}
var newConfig = _cspDirectiveOverrideHelper.GetOverridenCspMixedContentConfig(config, directiveToOverride);
overrides.MixedContentDirective = newConfig;
}
public void SetCspMixedContentOverride_HasOverride_OverridesExistingOverride(bool reportOnly)
{
//There's an override for directive
var currentDirectiveOverride = new CspMixedContentDirectiveConfiguration();
var overrideConfig = new CspOverrideConfiguration {
MixedContentDirective = currentDirectiveOverride
};
_contextHelper.Setup(h => h.GetCspConfigurationOverride(It.IsAny <HttpContext>(), reportOnly, false)).Returns(overrideConfig);
//We need an override and a result.
var directiveOverride = new CspMixedContentOverride();
var directiveOverrideResult = new CspMixedContentDirectiveConfiguration();
_directiveOverrideHelper.Setup(h => h.GetOverridenCspMixedContentConfig(directiveOverride, currentDirectiveOverride)).Returns(directiveOverrideResult);
_cspConfigurationOverrideHelper.SetCspMixedContentOverride(MockContext, directiveOverride, reportOnly);
//Verify that the override result was set on the override config.
Assert.Same(directiveOverrideResult, overrideConfig.MixedContentDirective);
}
public void SetCspMixedContentOverride_NoCurrentOverride_ClonesConfigFromContextAndOverrides(bool reportOnly)
{
var contextConfig = new CspConfiguration();
var overrideConfig = new CspOverrideConfiguration();
//Returns CSP config from context
_contextHelper.Setup(h => h.GetCspConfiguration(It.IsAny <HttpContext>(), reportOnly)).Returns(contextConfig);
_contextHelper.Setup(h => h.GetCspConfigurationOverride(It.IsAny <HttpContext>(), reportOnly, false)).Returns(overrideConfig);
//Returns cloned directive config from context config
var clonedContextDirective = new CspMixedContentDirectiveConfiguration();
_directiveConfigMapper.Setup(m => m.GetCspMixedContentConfigCloned(contextConfig)).Returns(clonedContextDirective);
//We need an override and a result.
var directiveOverride = new CspMixedContentOverride();
var directiveOverrideResult = new CspMixedContentDirectiveConfiguration();
_directiveOverrideHelper.Setup(h => h.GetOverridenCspMixedContentConfig(directiveOverride, clonedContextDirective)).Returns(directiveOverrideResult);
_cspConfigurationOverrideHelper.SetCspMixedContentOverride(MockContext, directiveOverride, reportOnly);
//Verify that the override result was set on the override config.
Assert.Same(directiveOverrideResult, overrideConfig.MixedContentDirective);
}
public ICspMixedContentDirectiveConfiguration GetOverridenCspMixedContentConfig(CspMixedContentOverride directiveOverride,
ICspMixedContentDirectiveConfiguration directiveConfig)
{
var result = directiveConfig ?? new CspMixedContentDirectiveConfiguration();
result.Enabled = directiveOverride.Enabled;
return(result);
}
