public async Task Invoke_hasCustomHeaders_AddsResponseHeaders()
{
var headers = new CustomHttpHeadersOptions
{
{ "X-Content-Type-Options", "nosniff" },
{ "Feature-Policy", "camera 'none'; geolocation 'none'" }
};
var headerOptions = new OptionsWrapper <CustomHttpHeadersOptions>(headers);
bool nextInvoked = false;
RequestDelegate next = (context) =>
{
nextInvoked = true;
context.Response.StatusCode = (int)HttpStatusCode.Accepted;
return(Task.CompletedTask);
};
var middleware = new CustomHttpHeadersMiddleware(headerOptions);
var httpContext = new DefaultHttpContext();
await middleware.Invoke(httpContext, next);
Assert.True(nextInvoked);
Assert.Equal(httpContext.Response.Headers["X-Content-Type-Options"].ToString(), "nosniff");
Assert.Equal(httpContext.Response.Headers["Feature-Policy"].ToString(), "camera 'none'; geolocation 'none'");
}
public void ValidCustomHttpHeadersConfig_BindsToOptions()
{
string hostJsonContent = @"{
'version': '2.0',
'extensions': {
'http': {
'customHeaders': {
'X-Content-Type-Options': 'nosniff'
}
}
}
}";
File.WriteAllText(_hostJsonFile, hostJsonContent);
var configuration = BuildHostJsonConfiguration();
CustomHttpHeadersOptionsSetup setup = new CustomHttpHeadersOptionsSetup(configuration);
CustomHttpHeadersOptions options = new CustomHttpHeadersOptions();
setup.Configure(options);
Assert.Equal(new Dictionary <string, string>()
{
{ "X-Content-Type-Options", "nosniff" }
}, options);
}
public async Task Invoke_hasCustomHeaders_AddsResponseHeaders()
{
var headers = new CustomHttpHeadersOptions
{
{ "X-Content-Type-Options", "nosniff" },
{ "Feature-Policy", "camera 'none'; geolocation 'none'" }
};
var headerOptions = new OptionsWrapper <CustomHttpHeadersOptions>(headers);
using (var host = GetTestHost(o =>
{
o.Add("X-Content-Type-Options", "nosniff");
o.Add("Feature-Policy", "camera 'none'; geolocation 'none'");
}))
{
await host.StartAsync();
HttpResponseMessage response = await host.GetTestClient().GetAsync(string.Empty);
await host.StopAsync();
Assert.True(_nextInvoked);
Assert.Equal(response.Headers.GetValues("X-Content-Type-Options").Single(), "nosniff");
Assert.Equal(response.Headers.GetValues("Feature-Policy").Single(), "camera 'none'; geolocation 'none'");
}
}
public void MissingOrValidCustomHttpHeadersConfig_DoesNotThrowException(string hostJsonContent)
{
File.WriteAllText(_hostJsonFile, hostJsonContent);
var configuration = BuildHostJsonConfiguration();
CustomHttpHeadersOptionsSetup setup = new CustomHttpHeadersOptionsSetup(configuration);
CustomHttpHeadersOptions options = new CustomHttpHeadersOptions();
var ex = Record.Exception(() => setup.Configure(options));
Assert.Null(ex);
}
public CustomHttpHeadersMiddleware(IOptions <CustomHttpHeadersOptions> hostOptions)
{
_hostOptions = hostOptions.Value;
}
