public void VerifyMaliciousApplicationIdIsTruncated()
{
// 50 character string.
var testApplicationId = "a123456789b123546789c123456789d123456798e123456789";
// An arbitrary string that is expected to be truncated.
var malicious = "00000000000000000000000000000000000000000000000000000000000";
var testFormattedApplicationId = ApplicationIdHelper.ApplyFormatting(testApplicationId);
var mockProfileServiceWrapper = GenerateMockServiceWrapper(HttpStatusCode.OK, testApplicationId + malicious);
var aiApplicationIdProvider = new ApplicationInsightsApplicationIdProvider(mockProfileServiceWrapper);
// first request expected to fail
Assert.IsFalse(aiApplicationIdProvider.TryGetApplicationId(testInstrumentationKey, out string ignore));
// wait for async tasks to complete
while (aiApplicationIdProvider.IsFetchAppInProgress(testInstrumentationKey))
{
Console.WriteLine("wait");
Thread.Sleep(taskWaitMilliseconds);
}
Assert.IsTrue(aiApplicationIdProvider.TryGetApplicationId(testInstrumentationKey, out string actual));
Assert.AreEqual(testFormattedApplicationId, actual);
}
/// <summary>
/// Format and store an Instrumentation Key and Application Id pair into the dictionary of known Application Ids.
/// </summary>
/// <param name="instrumentationKey">Instrumentation Key is expected to be a Guid string.</param>
/// <param name="applicationId">Application Id is expected to be a Guid string. </param>
private void FormatAndAddToDictionary(string instrumentationKey, string applicationId)
{
if (!string.IsNullOrEmpty(instrumentationKey) && !string.IsNullOrEmpty(applicationId))
{
this.knownApplicationIds.TryAdd(instrumentationKey, ApplicationIdHelper.ApplyFormatting(applicationId));
}
}