/// <summary>
/// A configuration that requests preload without IncludeSubdomains must be
/// rejected by the validator, even when MaxAge is a full 18 weeks.
/// </summary>
public void Validate_InvalidPreloadSubdomains_ThrowsException()
{
    // 18 weeks expressed as days; only IncludeSubdomains is out of line here,
    // so this case isolates the subdomain requirement from the max-age one.
    var eighteenWeeks = new TimeSpan(18 * 7, 0, 0, 0);
    var settings = new HstsConfiguration
    {
        MaxAge = eighteenWeeks,
        IncludeSubdomains = false,
        Preload = true
    };

    // Browser preload lists only accept policies that also cover subdomains.
    Assert.Throws<Exception>(() => _validator.Validate(settings));
}
/// <summary>
/// A configuration carrying only a positive MaxAge passes validation.
/// </summary>
public void Validate_ValidMaxAge_NoException()
{
    // TimeSpan(long) takes ticks, so this is one tick (100 ns): the smallest
    // positive value, not one second.
    var oneTick = new TimeSpan(1);
    var settings = new HstsConfiguration { MaxAge = oneTick };

    Assert.DoesNotThrow(() => _validator.Validate(settings));
}
/// <summary>
/// Preload combined with IncludeSubdomains and an 18-week MaxAge passes
/// validation.
/// </summary>
public void Validate_ValidPreload_NoException()
{
    var eighteenWeeks = new TimeSpan(18 * 7, 0, 0, 0);
    var settings = new HstsConfiguration
    {
        MaxAge = eighteenWeeks,
        IncludeSubdomains = true,
        Preload = true
    };

    // NOTE(review): 18 weeks is the threshold these tests encode; the public
    // preload list has since asked for a longer max-age — confirm the limit
    // the validator should enforce.
    Assert.DoesNotThrow(() => _validator.Validate(settings));
}
/// <summary>
/// A positive MaxAge together with IncludeSubdomains (no preload) passes
/// validation.
/// </summary>
public void Validate_ValidMaxAgeAndSubdomains_NoException()
{
    // One tick (100 ns): TimeSpan(long) is the ticks constructor.
    var oneTick = new TimeSpan(1);
    var settings = new HstsConfiguration
    {
        MaxAge = oneTick,
        IncludeSubdomains = true
    };

    // No explicit assertion: the test passes when Validate returns without
    // throwing.
    _validator.Validate(settings);
}
/// <summary>
/// A configuration carrying only a positive MaxAge passes validation.
/// </summary>
public void Validate_ValidMaxAge_NoException()
{
    // One tick (100 ns): TimeSpan(long) is the ticks constructor.
    var oneTick = new TimeSpan(1);
    var settings = new HstsConfiguration { MaxAge = oneTick };

    // No explicit assertion: the test passes when Validate returns without
    // throwing.
    _validator.Validate(settings);
}
/// <summary>
/// A preload request whose MaxAge is one second short of 18 weeks yields no
/// header result.
/// </summary>
public void CreateHstsResult_LessThan18WeeksAndPreload_ReturnsNull()
{
    // 125 days 23:59:59, i.e. 18 weeks minus one second.
    var justUnderEighteenWeeks = new TimeSpan(18 * 7 - 1, 23, 59, 59);
    var settings = new HstsConfiguration
    {
        MaxAge = justUnderEighteenWeeks,
        IncludeSubdomains = false,
        Preload = true
    };

    var header = _generator.CreateHstsResult(settings);

    // NOTE(review): IncludeSubdomains is false as well, so a null result does
    // not by itself show that the max-age threshold is enforced — consider a
    // variant with IncludeSubdomains = true to isolate it.
    Assert.IsNull(header);
}
/// <summary>
/// A negative MaxAge yields no header result.
/// </summary>
public void CreateHstsResult_NegativeTimespanInConfig_ReturnsNull()
{
    // TimeSpan(-1) is minus one tick: the smallest negative duration.
    var negativeTick = new TimeSpan(-1);
    var settings = new HstsConfiguration { MaxAge = negativeTick };

    var header = _generator.CreateHstsResult(settings);

    // NOTE(review): null presumably means no Strict-Transport-Security header
    // is written, so an invalid config would leave responses without HSTS
    // rather than fail loudly — confirm callers validate the config first.
    Assert.IsNull(header);
}
/// <summary>
/// Preload with an 18-week MaxAge but without IncludeSubdomains yields no
/// header result.
/// </summary>
public void CreateHstsResult_18WeeksWithPreload_ReturnsNull()
{
    var eighteenWeeks = new TimeSpan(18 * 7, 0, 0, 0);
    var settings = new HstsConfiguration
    {
        MaxAge = eighteenWeeks,
        IncludeSubdomains = false,
        Preload = true
    };

    var header = _generator.CreateHstsResult(settings);

    // MaxAge is at the threshold, so the missing subdomain coverage is the
    // only thing that can make this configuration unacceptable.
    Assert.Null(header);
}
/// <summary>
/// An 18-week MaxAge with IncludeSubdomains and Preload produces a Set action
/// for Strict-Transport-Security carrying all three directives.
/// </summary>
public void CreateHstsResult_18WeeksAndIncludesubdomainsWithPreload_ReturnsSetHstsPreloadResult()
{
    var eighteenWeeks = new TimeSpan(18 * 7, 0, 0, 0);
    var settings = new HstsConfiguration
    {
        MaxAge = eighteenWeeks,
        IncludeSubdomains = true,
        Preload = true
    };

    var header = _generator.CreateHstsResult(settings);

    Assert.IsNotNull(header);
    Assert.AreEqual(HeaderResult.ResponseAction.Set, header.Action);
    Assert.AreEqual("Strict-Transport-Security", header.Name);
    // 18 weeks = 126 days * 86400 s = 10886400 s.
    // NOTE(review): the public preload list has since asked for a longer
    // max-age than 18 weeks — confirm whether this threshold is still the
    // intended one.
    Assert.AreEqual("max-age=10886400; includeSubdomains; preload", header.Value);
}
/// <summary>
/// A 24-hour MaxAge with IncludeSubdomains produces a Set action for
/// Strict-Transport-Security with max-age and includeSubdomains only.
/// </summary>
public void CreateHstsResult_24hAndIncludesubdomainsConfig_ReturnsSetHstsIncludesubdomainsResult()
{
    var oneDay = new TimeSpan(24, 0, 0);
    var settings = new HstsConfiguration
    {
        MaxAge = oneDay,
        IncludeSubdomains = true
    };

    var header = _generator.CreateHstsResult(settings);

    Assert.IsNotNull(header);
    Assert.AreEqual(HeaderResult.ResponseAction.Set, header.Action);
    Assert.AreEqual("Strict-Transport-Security", header.Name);
    // 24 h = 86400 s; no preload directive because Preload was not set.
    Assert.AreEqual("max-age=86400; includeSubdomains", header.Value);
}
/// <summary>
/// A zero MaxAge still produces a Set action for Strict-Transport-Security,
/// with the value "max-age=0".
/// </summary>
public void CreateHstsResult_ZeroTimespanInConfig_ReturnsSetHstsResult()
{
    var zero = new TimeSpan(0);
    var settings = new HstsConfiguration { MaxAge = zero };

    var header = _generator.CreateHstsResult(settings);

    Assert.IsNotNull(header);
    Assert.AreEqual(HeaderResult.ResponseAction.Set, header.Action);
    Assert.AreEqual("Strict-Transport-Security", header.Name);
    // max-age=0 tells the browser to drop its stored HSTS policy for the host
    // (RFC 6797), so zero is a legitimate value and must still be emitted.
    Assert.AreEqual("max-age=0", header.Value);
}
/// <summary>
/// Creates a configuration with every Use* flag set to false and each
/// per-header configuration object default-constructed.
/// </summary>
public SecureHeadersMiddlewareConfiguration()
{
    // All header switches start off.
    // NOTE(review): presumably the middleware emits a header only when its
    // flag is true, so a default instance adds no security headers until the
    // caller opts in — confirm against the middleware.
    this.UseHsts = false;
    this.UseHpkp = false;
    this.UseXFrameOptions = false;
    this.UseXssProtection = false;
    this.UseXContentTypeOptions = false;
    this.UseContentSecurityPolicy = false;
    this.UsePermittedCrossDomainPolicy = false;
    this.UseReferrerPolicy = false;

    // Each sub-configuration is instantiated here, so none of these
    // properties is null after construction.
    this.HstsConfiguration = new HstsConfiguration();
    // NOTE(review): HPKP has been deprecated and removed by major browsers;
    // check whether this option is still worth exposing.
    this.HpkpConfiguration = new HPKPConfiguration();
    this.XFrameOptionsConfiguration = new XFrameOptionsConfiguration();
    this.XssConfiguration = new XssConfiguration();
    this.ContentSecurityPolicyConfiguration = new ContentSecurityPolicyConfiguration();
    this.PermittedCrossDomainPolicyConfiguration = new PermittedCrossDomainPolicyConfiguration();
    this.ReferrerPolicy = new ReferrerPolicy();
}