protected CspBlockAllMixedContentAttributeBase() { _directive = new CspMixedContentOverride { Enabled = true }; _configurationOverrideHelper = new CspConfigurationOverrideHelper(); _headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper()); }
public void GetOverridenCspMixedContentConfig_EnableOverride_OverridesEnabled(bool expectedResult) { var directiveConfig = new CspMixedContentDirectiveConfiguration { Enabled = !expectedResult }; var directiveOverride = new CspMixedContentOverride { Enabled = expectedResult }; var newConfig = _overrideHelper.GetOverridenCspMixedContentConfig(directiveOverride, directiveConfig); Assert.Equal(expectedResult, newConfig.Enabled); }
public void SetCspMixedContentOverride(IHttpContextWrapper context, CspMixedContentOverride config, Boolean reportOnly) { var overrides = _contextConfigurationHelper.GetCspConfigurationOverride(context, reportOnly, false); var directiveToOverride = overrides.MixedContentDirective; if (directiveToOverride == null) { var baseConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly); directiveToOverride = _configMapper.GetCspMixedContentConfigCloned(baseConfig); } var newConfig = _cspDirectiveOverrideHelper.GetOverridenCspMixedContentConfig(config, directiveToOverride); overrides.MixedContentDirective = newConfig; }
public void SetCspMixedContentOverride_HasOverride_OverridesExistingOverride(bool reportOnly) { //There's an override for directive var currentDirectiveOverride = new CspMixedContentDirectiveConfiguration(); var overrideConfig = new CspOverrideConfiguration { MixedContentDirective = currentDirectiveOverride }; _contextHelper.Setup(h => h.GetCspConfigurationOverride(It.IsAny <HttpContext>(), reportOnly, false)).Returns(overrideConfig); //We need an override and a result. var directiveOverride = new CspMixedContentOverride(); var directiveOverrideResult = new CspMixedContentDirectiveConfiguration(); _directiveOverrideHelper.Setup(h => h.GetOverridenCspMixedContentConfig(directiveOverride, currentDirectiveOverride)).Returns(directiveOverrideResult); _cspConfigurationOverrideHelper.SetCspMixedContentOverride(MockContext, directiveOverride, reportOnly); //Verify that the override result was set on the override config. Assert.Same(directiveOverrideResult, overrideConfig.MixedContentDirective); }
public void SetCspMixedContentOverride_NoCurrentOverride_ClonesConfigFromContextAndOverrides(bool reportOnly) { var contextConfig = new CspConfiguration(); var overrideConfig = new CspOverrideConfiguration(); //Returns CSP config from context _contextHelper.Setup(h => h.GetCspConfiguration(It.IsAny <HttpContext>(), reportOnly)).Returns(contextConfig); _contextHelper.Setup(h => h.GetCspConfigurationOverride(It.IsAny <HttpContext>(), reportOnly, false)).Returns(overrideConfig); //Returns cloned directive config from context config var clonedContextDirective = new CspMixedContentDirectiveConfiguration(); _directiveConfigMapper.Setup(m => m.GetCspMixedContentConfigCloned(contextConfig)).Returns(clonedContextDirective); //We need an override and a result. var directiveOverride = new CspMixedContentOverride(); var directiveOverrideResult = new CspMixedContentDirectiveConfiguration(); _directiveOverrideHelper.Setup(h => h.GetOverridenCspMixedContentConfig(directiveOverride, clonedContextDirective)).Returns(directiveOverrideResult); _cspConfigurationOverrideHelper.SetCspMixedContentOverride(MockContext, directiveOverride, reportOnly); //Verify that the override result was set on the override config. Assert.Same(directiveOverrideResult, overrideConfig.MixedContentDirective); }
public ICspMixedContentDirectiveConfiguration GetOverridenCspMixedContentConfig(CspMixedContentOverride directiveOverride, ICspMixedContentDirectiveConfiguration directiveConfig) { var result = directiveConfig ?? new CspMixedContentDirectiveConfiguration(); result.Enabled = directiveOverride.Enabled; return(result); }