public void GivenValidTextWhenChallengingValidationThenSecurityThreatDiagnosticsMustRaiseExceptionDueToFoundInjection()
{
string validXml = "This is a valid content.";
validation.Payload = validXml;
options.MaxIterations = 2;
SecurityThreatDiagnosticsResult result = SecurityThreatDiagnostics.ChallengeAgainstSecurityThreats(validation, options, CancellationToken.None);
Assert.IsTrue(result.IsValid);
}
public void GivenStandardHeaderInWhenChallengingHeadersForValidationThenSecurityThreatDiagnosticsMustByPassRelevantHeaders()
{
WhiteListedHeaders whiteListedHeaders = new WhiteListedHeaders();
whiteListedHeaders.AllowedHttpHeaders = new [] { StaticHeader };
whiteListedHeaders.CurrentHttpHeaders = new Dictionary <string, string>();
whiteListedHeaders.CurrentHttpHeaders.Add("Authorization: ", "Bearer hashme");
SecurityThreatDiagnosticsResult result = SecurityThreatDiagnostics.ChallengeSecurityHeaders(whiteListedHeaders, options, CancellationToken.None);
Assert.IsTrue(result.IsValid);
}