internal void ValidateIfRedirect(HttpContextBase context)
        {
            if (!Config.Enabled)
            {
                return;
            }

            var response = context.Response;

            if (!_redirectValidator.IsRedirectStatusCode(response.StatusCode))
            {
                return;
            }

            var redirectLocation = response.RedirectLocation;

            if (String.IsNullOrEmpty(redirectLocation))
            {
                redirectLocation = response.Headers["Location"];
                if (String.IsNullOrEmpty(redirectLocation))
                {
                    throw new Exception(String.Format("Response had statuscode {0}, but Location header was null or the empty string.", response.StatusCode));
                }
            }

            var requestUri = context.Request.Url;

            if (requestUri == null)
            {
                throw new Exception("The current request's url was null.");
            }

            _redirectValidator.ValidateRedirect(context.Response.StatusCode, redirectLocation, requestUri, Config);
        }
        internal override void PostInvokeNext(HttpContext context)
        {
            var statusCode = context.Response.StatusCode;

            if (!_redirectValidator.IsRedirectStatusCode(statusCode))
            {
                return;
            }

            var scheme      = context.Request.Scheme;
            var hostandport = context.Request.Host;
            var requestUri  = new Uri(scheme + "://" + hostandport);

            _redirectValidator.ValidateRedirect(statusCode, context.Response.Headers["Location"], requestUri, _config);
        }
        internal override void PostInvokeNext(OwinEnvironment environment)
        {
            var statusCode = environment.ResponseStatusCode;

            if (!_redirectValidator.IsRedirectStatusCode(statusCode))
            {
                return;
            }

            var scheme      = environment.RequestScheme;
            var hostandport = environment.RequestHeaders.Host;
            var requestUri  = new Uri(scheme + "://" + hostandport);

            _redirectValidator.ValidateRedirect(statusCode, environment.ResponseHeaders.Location, requestUri, _config);
        }
        public void ValidateRedirect_DisabledAndRedirect_NoException()
        {
            const int    statusCode = 302;
            const string location   = "http://evilsite.com";
            var          config     = new RedirectValidationConfiguration {
                Enabled = false
            };

            _redirectValidator.ValidateRedirect(statusCode, location, RequestUriHttps, config);
        }