public void SetNoCacheHeaders_OverrideAndEnabled_SetsCacheHeaders()
{
var responseHeaders = new HeaderDictionary();
var response = new Mock <HttpResponse>();
response.Setup(r => r.Headers).Returns(responseHeaders);
Mock.Get(_mockContext).Setup(c => c.Response).Returns(response.Object);
var overrideConfig = new SimpleBooleanConfiguration {
Enabled = true
};
_configurationOverrideHelper.Setup(h => h.GetNoCacheHeadersWithOverride(It.IsAny <HttpContext>())).Returns(overrideConfig);
_overrideHelper.SetNoCacheHeaders(_mockContext);
var headers = response.Object.GetTypedHeaders();
var cachePolicy = headers.CacheControl;
var expiresHeader = responseHeaders["Expires"].Single();
var pragmaHeader = responseHeaders["Pragma"].Single();
Assert.True(cachePolicy.NoCache);
Assert.True(cachePolicy.NoStore);
Assert.True(cachePolicy.MustRevalidate);
Assert.Equal("-1", expiresHeader);
Assert.Equal("no-cache", pragmaHeader);
}
public void SetNoCacheHeaders_OverrideAndEnabled_SetsCacheHeaders()
{
//Get ASP.NET stuff in order
//var cachePolicy = new Mock<HttpCachePolicyBase>();
var responseHeaders = new HeaderDictionary();
var response = new Mock <HttpResponse>();
//response.Setup(r => r.Cache).Returns(cachePolicy.Object);
response.Setup(r => r.Headers).Returns(responseHeaders);
Mock.Get(_mockContext).Setup(c => c.Response).Returns(response.Object);
var overrideConfig = new SimpleBooleanConfiguration {
Enabled = true
};
_configurationOverrideHelper.Setup(h => h.GetNoCacheHeadersWithOverride(It.IsAny <HttpContext>())).Returns(overrideConfig);
_overrideHelper.SetNoCacheHeaders(_mockContext);
var headers = response.Object.GetTypedHeaders();
var cachePolicy = headers.CacheControl;
var expiresHeader = responseHeaders["Expires"].Single();
var pragmaHeader = responseHeaders["Pragma"].Single();
Assert.IsTrue(cachePolicy.NoCache);
Assert.IsTrue(cachePolicy.NoStore);
Assert.IsTrue(cachePolicy.MustRevalidate);
Assert.AreEqual("-1", expiresHeader);
Assert.AreEqual("no-cache", pragmaHeader);
//cachePolicy.Verify(c => c.SetCacheability(HttpCacheability.NoCache), Times.Once());
//cachePolicy.Verify(c => c.SetNoStore(), Times.Once());
//cachePolicy.Verify(c => c.SetRevalidation(HttpCacheRevalidation.AllCaches), Times.Once());
}
public void SetNoCacheHeaders_OverrideAndDisabled_DoesNothing()
{
//Get ASP.NET stuff in order
//var cachePolicy = new Mock<HttpCachePolicyBase>();
var responseHeaders = new HeaderDictionary();
var response = new Mock <HttpResponse>();
//response.Setup(r => r.Cache).Returns(cachePolicy.Object);
response.Setup(r => r.Headers).Returns(responseHeaders);
Mock.Get(_mockContext).Setup(c => c.Response).Returns(response.Object);
var overrideConfig = new SimpleBooleanConfiguration {
Enabled = false
};
_configurationOverrideHelper.Setup(h => h.GetNoCacheHeadersWithOverride(It.IsAny <HttpContext>())).Returns(overrideConfig);
_overrideHelper.SetNoCacheHeaders(_mockContext);
//TODO cleanup
//cachePolicy.Verify(c => c.SetCacheability(It.IsAny<HttpCacheability>()), Times.Never());
//cachePolicy.Verify(c => c.SetNoStore(), Times.Never());
//cachePolicy.Verify(c => c.SetRevalidation(It.IsAny<HttpCacheRevalidation>()), Times.Never());
Assert.IsEmpty(responseHeaders);
}
/// <summary>
/// Initializes a new instance of the <see cref="XContentTypeOptionsAttribute"/> class
/// </summary>
public XContentTypeOptionsAttribute()
{
_config = new SimpleBooleanConfiguration {
Enabled = true
};
_headerConfigurationOverrideHelper = new HeaderConfigurationOverrideHelper();
_headerOverrideHelper = new HeaderOverrideHelper();
}
/// <summary>
/// Initializes a new instance of the <see cref="SetNoCacheHttpHeadersAttribute"/> class
/// </summary>
public SetNoCacheHttpHeadersAttribute()
{
_config = new SimpleBooleanConfiguration {
Enabled = true
};
_configurationOverrideHelper = new HeaderConfigurationOverrideHelper();
_headerOverrideHelper = new HeaderOverrideHelper();
}
/// <summary>
/// Initializes a new instance of the <see cref="XDownloadOptionsAttribute"/> class
/// </summary>
public XDownloadOptionsAttribute()
{
_config = new SimpleBooleanConfiguration {
Enabled = true
};
_headerConfigurationOverrideHelper = new HeaderConfigurationOverrideHelper();
_headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
}
public void GetXDownloadOptionsWithOverride_ConfigOverriden_ReturnsOverrideElement()
{
var configOverride = new SimpleBooleanConfiguration {
Enabled = true
};
_headerConfigurationOverrideHelper.SetXDownloadOptionsOverride(_mockContext, configOverride);
Assert.AreSame(configOverride, _headerConfigurationOverrideHelper.GetXDownloadOptionsWithOverride(_mockContext));
}
public void GetXDownloadOptionsConfiguration_NoOwinContext_ReturnsSystemWebConfig()
{
var config = new SimpleBooleanConfiguration();
_systemWebContext.XDownloadOptions = config;
var result = _contextHelper.GetXDownloadOptionsConfiguration(_mockContext);
Assert.Same(config, result);
}
public void CreateXContentTypeOptionsResult_Disabled_ReturnsNull()
{
var contentTypeOptions = new SimpleBooleanConfiguration {
Enabled = false
};
var result = _generator.CreateXContentTypeOptionsResult(contentTypeOptions);
Assert.IsNull(result);
}
public void CreateXDownloadOptionsResult_Disabled_ReturnsNull()
{
var downloadOptions = new SimpleBooleanConfiguration {
Enabled = false
};
var result = _generator.CreateXDownloadOptionsResult(downloadOptions);
Assert.Null(result);
}
public void GetXContentTypeOptionsConfiguration_ReturnsContextConfig()
{
var config = new SimpleBooleanConfiguration();
_nwContext.XContentTypeOptions = config;
var result = _contextHelper.GetXContentTypeOptionsConfiguration(_mockContext);
Assert.Same(config, result);
}
public void GetXDownloadOptionsConfiguration_HasOwinConfig_ReturnsOwinConfig()
{
SetupOwinContext();
var config = new SimpleBooleanConfiguration();
_owinContext.XDownloadOptions = config;
var result = _contextHelper.GetXDownloadOptionsConfiguration(_mockContext);
Assert.Same(config, result);
}
public void GetXContentTypeOptionsConfiguration_OwinContextWithoutConfig_ReturnsSystemWebConfig()
{
SetupOwinContext();
var config = new SimpleBooleanConfiguration();
_systemWebContext.XContentTypeOptions = config;
var result = _contextHelper.GetXContentTypeOptionsConfiguration(_mockContext);
Assert.Same(config, result);
}
public void SetNoCacheHeaders_OverrideAndEnabled_SetsCacheHeaders()
{
var overrideConfig = new SimpleBooleanConfiguration {
Enabled = true
};
_configurationOverrideHelper.Setup(h => h.GetNoCacheHeadersWithOverride(It.IsAny <IHttpContextWrapper>())).Returns(overrideConfig);
_overrideHelper.SetNoCacheHeaders(_httpContext);
Mock.Get(_httpContext).Verify(ctx => ctx.SetNoCacheHeaders(), Times.Once);
}
public void SetXDownloadOptionsHeader_NoOverride_DoesNothing()
{
var contextConfig = new SimpleBooleanConfiguration();
_contextHelper.Setup(h => h.GetXDownloadOptionsConfiguration(It.IsAny <HttpContextBase>())).Returns(contextConfig);
_configurationOverrideHelper.Setup(h => h.GetXDownloadOptionsWithOverride(It.IsAny <HttpContextBase>())).Returns((SimpleBooleanConfiguration)null);
_overrideHelper.SetXDownloadOptionsHeader(_mockContext);
_headerGenerator.Verify(g => g.CreateXDownloadOptionsResult(It.IsAny <SimpleBooleanConfiguration>(), It.IsAny <SimpleBooleanConfiguration>()), Times.Never);
_headerResultHandler.Verify(h => h.HandleHeaderResult(It.IsAny <HttpResponseBase>(), It.IsAny <HeaderResult>()), Times.Never);
}
public void CreateXContentTypeOptionsResult_Enabled_ReturnsSetXXContentTypeOptionsResult()
{
var contentTypeOptions = new SimpleBooleanConfiguration {
Enabled = true
};
var result = _generator.CreateXContentTypeOptionsResult(contentTypeOptions);
Assert.NotNull(result);
Assert.Equal(HeaderResult.ResponseAction.Set, result.Action);
Assert.Equal("X-Content-Type-Options", result.Name);
Assert.Equal("nosniff", result.Value);
}
public void CreateXDownloadOptionsResult_Enabled_ReturnsSetXDownloadOptionsResult()
{
var downloadOptions = new SimpleBooleanConfiguration {
Enabled = true
};
var result = _generator.CreateXDownloadOptionsResult(downloadOptions);
Assert.NotNull(result);
Assert.Equal(HeaderResult.ResponseAction.Set, result.Action);
Assert.Equal("X-Download-Options", result.Name);
Assert.Equal("noopen", result.Value);
}
public void SetXDownloadOptionsHeader_Override_CreatesAndHandlesHeaderResult()
{
var contextConfig = new SimpleBooleanConfiguration();
var overrideConfig = new SimpleBooleanConfiguration();
_contextHelper.Setup(h => h.GetXDownloadOptionsConfiguration(It.IsAny <HttpContextBase>())).Returns(contextConfig);
_configurationOverrideHelper.Setup(h => h.GetXDownloadOptionsWithOverride(It.IsAny <HttpContextBase>())).Returns(overrideConfig);
_headerGenerator.Setup(g => g.CreateXDownloadOptionsResult(overrideConfig, contextConfig)).Returns(_expectedHeaderResult);
_overrideHelper.SetXDownloadOptionsHeader(_mockContext);
_headerResultHandler.Verify(h => h.HandleHeaderResult(It.IsAny <HttpResponseBase>(), _expectedHeaderResult), Times.Once);
}
public void SetXContentTypeOptionsHeader_Override_CreatesAndHandlesHeaderResult()
{
var contextConfig = new SimpleBooleanConfiguration();
var overrideConfig = new SimpleBooleanConfiguration();
_contextHelper.Setup(h => h.GetXContentTypeOptionsConfiguration(It.IsAny <IHttpContextWrapper>())).Returns(contextConfig);
_configurationOverrideHelper.Setup(h => h.GetXContentTypeOptionsWithOverride(It.IsAny <IHttpContextWrapper>())).Returns(overrideConfig);
_headerGenerator.Setup(g => g.CreateXContentTypeOptionsResult(overrideConfig, contextConfig)).Returns(_expectedHeaderResult);
_overrideHelper.SetXContentTypeOptionsHeader(_httpContext);
_headerResultHandler.Verify(h => h.HandleHeaderResult(_httpContext, _expectedHeaderResult), Times.Once);
}
public void CreateXContentTypeOptionsResult_DisabledButEnabledInOldConfig_ReturnsRemoveXXContentTypeOptionsResult()
{
var contentTypeOptions = new SimpleBooleanConfiguration {
Enabled = false
};
var oldcontentTypeOptions = new SimpleBooleanConfiguration {
Enabled = true
};
var result = _generator.CreateXContentTypeOptionsResult(contentTypeOptions, oldcontentTypeOptions);
Assert.IsNotNull(result);
Assert.AreEqual(HeaderResult.ResponseAction.Remove, result.Action);
Assert.AreEqual("X-Content-Type-Options", result.Name);
}
public void CreateXDownloadOptionsResult_DisabledButEnabledInOldConfig_ReturnsRemoveXDownloadOptionsResult()
{
var downloadOptions = new SimpleBooleanConfiguration {
Enabled = false
};
var oldDownloadOptions = new SimpleBooleanConfiguration {
Enabled = true
};
var result = _generator.CreateXDownloadOptionsResult(downloadOptions, oldDownloadOptions);
Assert.NotNull(result);
Assert.Equal(HeaderResult.ResponseAction.Remove, result.Action);
Assert.Equal("X-Download-Options", result.Name);
}
public void SetNoCacheHeaders_OverrideAndDisabled_DoesNothing()
{
var responseHeaders = new HeaderDictionary();
var response = new Mock <HttpResponse>();
response.Setup(r => r.Headers).Returns(responseHeaders);
Mock.Get(_mockContext).Setup(c => c.Response).Returns(response.Object);
var overrideConfig = new SimpleBooleanConfiguration {
Enabled = false
};
_configurationOverrideHelper.Setup(h => h.GetNoCacheHeadersWithOverride(It.IsAny <HttpContext>())).Returns(overrideConfig);
_overrideHelper.SetNoCacheHeaders(_mockContext);
Assert.Empty(responseHeaders);
}
public void SetNoCacheHeaders_OverrideAndEnabled_SetsCacheHeaders()
{
//Get ASP.NET stuff in order
var cachePolicy = new Mock <HttpCachePolicyBase>();
var responseHeaders = new NameValueCollection();
var response = new Mock <HttpResponseBase>();
response.Setup(r => r.Cache).Returns(cachePolicy.Object);
response.Setup(r => r.Headers).Returns(responseHeaders);
Mock.Get(_mockContext).Setup(c => c.Response).Returns(response.Object);
var overrideConfig = new SimpleBooleanConfiguration {
Enabled = true
};
_configurationOverrideHelper.Setup(h => h.GetNoCacheHeadersWithOverride(It.IsAny <HttpContextBase>())).Returns(overrideConfig);
_overrideHelper.SetNoCacheHeaders(_mockContext);
cachePolicy.Verify(c => c.SetCacheability(HttpCacheability.NoCache), Times.Once());
cachePolicy.Verify(c => c.SetNoStore(), Times.Once());
cachePolicy.Verify(c => c.SetRevalidation(HttpCacheRevalidation.AllCaches), Times.Once());
}
