public void Test_Execute()
{
IIntrusionDetector detector = Esapi.IntrusionDetector;
string url = Guid.NewGuid().ToString();
RedirectAction action = new RedirectAction(url);
// Set context
MockHttpContext.InitializeCurrentContext();
SurrogateWebPage page = new SurrogateWebPage();
HttpContext.Current.Handler = page;
// Block
try {
Assert.AreNotEqual(HttpContext.Current.Request.RawUrl, action.Url);
action.Execute(ActionArgs.Empty);
Assert.Fail("Request not terminated");
}
catch (Exception exp) {
// FIXME : so far there is no other way to test the redirect except to check
// the stack of the exception. Ideally we should be able to mock the request
// redirect itself
Assert.IsTrue(exp.StackTrace.Contains("at System.Web.HttpResponse.Redirect(String url, Boolean endResponse)"));
}
}
public void Test_Execute()
{
IntrusionDetector detector = Esapi.IntrusionDetector as IntrusionDetector;
Assert.IsNotNull(detector);
// Should be loaded by default
BlockAction action = new BlockAction();
// Set context
MockHttpContext.InitializeCurrentContext();
SurrogateWebPage page = new SurrogateWebPage();
HttpContext.Current.Handler = page;
// Block
Assert.AreNotEqual(HttpContext.Current.Response.StatusCode, action.StatusCode);
action.Execute(ActionArgs.Empty);
Assert.AreEqual(HttpContext.Current.Response.StatusCode, action.StatusCode);
}
