public async Task Invoke_hasCustomHeaders_AddsResponseHeaders() { var headers = new CustomHttpHeadersOptions { { "X-Content-Type-Options", "nosniff" }, { "Feature-Policy", "camera 'none'; geolocation 'none'" } }; var headerOptions = new OptionsWrapper <CustomHttpHeadersOptions>(headers); bool nextInvoked = false; RequestDelegate next = (context) => { nextInvoked = true; context.Response.StatusCode = (int)HttpStatusCode.Accepted; return(Task.CompletedTask); }; var middleware = new CustomHttpHeadersMiddleware(headerOptions); var httpContext = new DefaultHttpContext(); await middleware.Invoke(httpContext, next); Assert.True(nextInvoked); Assert.Equal(httpContext.Response.Headers["X-Content-Type-Options"].ToString(), "nosniff"); Assert.Equal(httpContext.Response.Headers["Feature-Policy"].ToString(), "camera 'none'; geolocation 'none'"); }
public void ValidCustomHttpHeadersConfig_BindsToOptions() { string hostJsonContent = @"{ 'version': '2.0', 'extensions': { 'http': { 'customHeaders': { 'X-Content-Type-Options': 'nosniff' } } } }"; File.WriteAllText(_hostJsonFile, hostJsonContent); var configuration = BuildHostJsonConfiguration(); CustomHttpHeadersOptionsSetup setup = new CustomHttpHeadersOptionsSetup(configuration); CustomHttpHeadersOptions options = new CustomHttpHeadersOptions(); setup.Configure(options); Assert.Equal(new Dictionary <string, string>() { { "X-Content-Type-Options", "nosniff" } }, options); }
public async Task Invoke_hasCustomHeaders_AddsResponseHeaders() { var headers = new CustomHttpHeadersOptions { { "X-Content-Type-Options", "nosniff" }, { "Feature-Policy", "camera 'none'; geolocation 'none'" } }; var headerOptions = new OptionsWrapper <CustomHttpHeadersOptions>(headers); using (var host = GetTestHost(o => { o.Add("X-Content-Type-Options", "nosniff"); o.Add("Feature-Policy", "camera 'none'; geolocation 'none'"); })) { await host.StartAsync(); HttpResponseMessage response = await host.GetTestClient().GetAsync(string.Empty); await host.StopAsync(); Assert.True(_nextInvoked); Assert.Equal(response.Headers.GetValues("X-Content-Type-Options").Single(), "nosniff"); Assert.Equal(response.Headers.GetValues("Feature-Policy").Single(), "camera 'none'; geolocation 'none'"); } }
public void MissingOrValidCustomHttpHeadersConfig_DoesNotThrowException(string hostJsonContent) { File.WriteAllText(_hostJsonFile, hostJsonContent); var configuration = BuildHostJsonConfiguration(); CustomHttpHeadersOptionsSetup setup = new CustomHttpHeadersOptionsSetup(configuration); CustomHttpHeadersOptions options = new CustomHttpHeadersOptions(); var ex = Record.Exception(() => setup.Configure(options)); Assert.Null(ex); }
public CustomHttpHeadersMiddleware(IOptions <CustomHttpHeadersOptions> hostOptions) { _hostOptions = hostOptions.Value; }