public void Ctor_CanSetAllAllowSettings_ToRequiredValues() { var elements = new CorsElementCollection(); var fooElement = new CorsElement { Name = "foo", Headers = "X-Api-Rate;Foo", Methods = "GET;POST;PUT", Origins = "http://foo.com;http://www.abc.com" }; elements.Add(fooElement); var corsSection = new CorsSection { CorsPolicies = elements }; var attr = new ConfigurableCorsPolicyAttribute("foo", corsSection); var policy = attr.GetCorsPolicyAsync(new HttpRequestMessage(), default(CancellationToken)).Result; policy.AllowAnyMethod.ShouldEqual(false); policy.Methods.ShouldContain("GET"); policy.Methods.ShouldContain("POST"); policy.Methods.ShouldContain("PUT"); policy.AllowAnyHeader.ShouldEqual(false); policy.Headers.ShouldContain("X-Api-Rate"); policy.Headers.ShouldContain("Foo"); policy.AllowAnyOrigin.ShouldEqual(false); policy.Origins.ShouldContain("http://foo.com"); policy.Origins.ShouldContain("http://www.abc.com"); }
public ConfigurableCorsPolicyAttribute(string name, CorsSection corsSection) { _policy = new CorsPolicy(); if (corsSection != null) { var policy = corsSection.CorsPolicies.Cast<CorsElement>().FirstOrDefault(x => x.Name == name); if (policy != null) { if (policy.Headers == "*") { _policy.AllowAnyHeader = true; } else { policy.Headers.Split(new[] { ";" }, StringSplitOptions.RemoveEmptyEntries).ToList().ForEach(x => _policy.Headers.Add(x.Trim())); } if (policy.Methods == "*") { _policy.AllowAnyMethod = true; } else { policy.Methods.Split(new[] { ";" }, StringSplitOptions.RemoveEmptyEntries).ToList().ForEach(x => _policy.Methods.Add(x.Trim())); } if (policy.Origins == "*") { _policy.AllowAnyOrigin = true; } else { policy.Origins.Split(new [] {";"}, StringSplitOptions.RemoveEmptyEntries).ToList().ForEach(x => _policy.Origins.Add(x.Trim())); } if (policy.ExposedHeaders != null) { policy.ExposedHeaders.Split(new[] { ";" }, StringSplitOptions.RemoveEmptyEntries).ToList().ForEach(x => _policy.ExposedHeaders.Add(x.Trim())); } } } }
public ConfigurableCorsPolicyAttribute(string name, CorsSection corsSection) { _policy = new CorsPolicy(); if (corsSection != null) { var policy = corsSection.CorsPolicies.Cast<CorsElement>().FirstOrDefault(x => x.Name == name); if (policy != null) { if (policy.Headers == "*") { _policy.AllowAnyHeader = true; } else { policy.Headers.Split(';').ToList().ForEach(x => _policy.Headers.Add(x)); } if (policy.Methods == "*") { _policy.AllowAnyMethod = true; } else { policy.Methods.Split(';').ToList().ForEach(x => _policy.Methods.Add(x)); } if (policy.Origins == "*") { _policy.AllowAnyOrigin = true; } else { policy.Origins.Split(';').ToList().ForEach(x => _policy.Origins.Add(x)); } } } }
public void Ctor_CanSetAllAllowSettings_ToStar() { var elements = new CorsElementCollection(); var fooElement = new CorsElement { Name = "foo", Headers = "*", Methods = "*", Origins = "*" }; elements.Add(fooElement); var corsSection = new CorsSection { CorsPolicies = elements }; var attr = new ConfigurableCorsPolicyAttribute("foo", corsSection); var policy = attr.GetCorsPolicyAsync(new HttpRequestMessage(), default(CancellationToken)).Result; policy.AllowAnyMethod.ShouldEqual(true); policy.AllowAnyHeader.ShouldEqual(true); policy.AllowAnyOrigin.ShouldEqual(true); }
public void Ctor_TrimsUnnecessaryWhitespaceAroundEsposedHeaders() { var elements = new CorsElementCollection(); var fooElement = new CorsElement { Name = "foo", Headers = "*", Methods = "*", Origins = "*", ExposedHeaders = "\r\n X-Api-Rate;\r\n Foo" }; elements.Add(fooElement); var corsSection = new CorsSection { CorsPolicies = elements }; var attr = new ConfigurableCorsPolicyAttribute("foo", corsSection); var policy = attr.GetCorsPolicyAsync(new HttpRequestMessage(), default(CancellationToken)).Result; policy.ExposedHeaders.Count.ShouldEqual(2); policy.ExposedHeaders[0].ShouldEqual("X-Api-Rate"); policy.ExposedHeaders[1].ShouldEqual("Foo"); }
internal Config(CorsSection corsSection) { _corsSection = corsSection ?? new CorsSection(); }