public void GetXFrameoptionsWithOverride_ConfigOverriden_ReturnsOverrideElement()
{
var configOverride = new XFrameOptionsConfiguration { Policy = XfoPolicy.Deny };
_headerConfigurationOverrideHelper.SetXFrameoptionsOverride(_mockContext, configOverride);
Assert.AreSame(configOverride, _headerConfigurationOverrideHelper.GetXFrameoptionsWithOverride(_mockContext));
}
public void CreateXfoResult_Disabled_ReturnsNull()
{
var xFrameConfig = new XFrameOptionsConfiguration { Policy = XfoPolicy.Disabled };
var result = _generator.CreateXfoResult(xFrameConfig);
Assert.IsNull(result);
}
public void GetXFrameOptionsConfiguration_NoOwinContext_ReturnsSystemWebConfig()
{
var config = new XFrameOptionsConfiguration();
_systemWebContext.XFrameOptions = config;
var result = _contextHelper.GetXFrameOptionsConfiguration(_mockContext);
Assert.AreSame(config, result);
}
public void CreateXfoResult_DisabledWithSameOriginInOldConfig_ReturnsRemoveXfoResult()
{
var xFrameConfig = new XFrameOptionsConfiguration { Policy = XfoPolicy.Disabled };
var oldXFrameConfig = new XFrameOptionsConfiguration { Policy = XfoPolicy.SameOrigin };
var result = _generator.CreateXfoResult(xFrameConfig,oldXFrameConfig);
Assert.IsNotNull(result);
Assert.AreEqual(HeaderResult.ResponseAction.Remove, result.Action);
Assert.AreEqual("X-Frame-Options", result.Name);
}
public void CreateXfoResult_Sameorigin_ReturnsSetXfoSameOriginResult()
{
var xFrameConfig = new XFrameOptionsConfiguration { Policy = XfoPolicy.SameOrigin };
var result = _generator.CreateXfoResult(xFrameConfig);
Assert.IsNotNull(result);
Assert.AreEqual(HeaderResult.ResponseAction.Set, result.Action);
Assert.AreEqual("X-Frame-Options", result.Name);
Assert.AreEqual("SameOrigin", result.Value);
}
public void SetXFrameoptionsHeader_NoOverride_DoesNothing()
{
var contextConfig = new XFrameOptionsConfiguration();
_contextHelper.Setup(h => h.GetXFrameOptionsConfiguration(It.IsAny<HttpContextBase>())).Returns(contextConfig);
_configurationOverrideHelper.Setup(h => h.GetXFrameoptionsWithOverride(It.IsAny<HttpContextBase>())).Returns((XFrameOptionsConfiguration)null);
_overrideHelper.SetXFrameoptionsHeader(_mockContext);
_headerGenerator.Verify(g => g.CreateXfoResult(It.IsAny<XFrameOptionsConfiguration>(), It.IsAny<XFrameOptionsConfiguration>()), Times.Never);
_headerResultHandler.Verify(h => h.HandleHeaderResult(It.IsAny<HttpResponseBase>(), It.IsAny<HeaderResult>()), Times.Never);
}
public void SetXFrameoptionsHeader_Override_CreatesAndHandlesHeaderResult()
{
var contextConfig = new XFrameOptionsConfiguration();
var overrideConfig = new XFrameOptionsConfiguration();
_contextHelper.Setup(h => h.GetXFrameOptionsConfiguration(It.IsAny<HttpContextBase>())).Returns(contextConfig);
_configurationOverrideHelper.Setup(h => h.GetXFrameoptionsWithOverride(It.IsAny<HttpContextBase>())).Returns(overrideConfig);
_headerGenerator.Setup(g => g.CreateXfoResult(overrideConfig, contextConfig)).Returns(_expectedHeaderResult);
_overrideHelper.SetXFrameoptionsHeader(_mockContext);
_headerResultHandler.Verify(h => h.HandleHeaderResult(It.IsAny<HttpResponseBase>(), _expectedHeaderResult), Times.Once);
}
public void GetXFrameOptionsConfiguration_HasOwinConfig_ReturnsOwinConfig()
{
SetupOwinContext();
var config = new XFrameOptionsConfiguration();
_owinContext.XFrameOptions = config;
var result = _contextHelper.GetXFrameOptionsConfiguration(_mockContext);
Assert.AreSame(config, result);
}
