public void Ctor_ArgumentNextIsNull_ThrowsArgumentNullException() { Assert.Throws <ArgumentNullException>(() => { _ = new HstsMiddleware(next: null, options: new OptionsWrapper <HstsOptions>(new HstsOptions())); }); }
public void Ctor_ArgumentOptionsIsNull_ThrowsArgumentNullException() { Assert.Throws <ArgumentNullException>(() => { _ = new HstsMiddleware(innerHttpContext => Task.CompletedTask, options: null); }); }
public async void WhenSchemeIsHttps_SetTheHeader() { // Arrange var middleware = new HstsMiddleware(null); // Act await middleware.Invoke(_mockContext.Object); _stubResponse.InvokeOnSendingHeaders(); // Assert Assert.True(_mockContext.Object.Response.Headers.ContainsKey(HstsHeaderName)); }
public async void WhenSchemeIsNotHttps_DontSetTheHeader() { // Arrange var middleware = new HstsMiddleware(null); _mockRequest.Setup(r => r.Scheme).Returns("http"); // Act await middleware.Invoke(_mockContext.Object); _stubResponse.InvokeOnSendingHeaders(); // Assert Assert.False(_mockContext.Object.Response.Headers.ContainsKey(HstsHeaderName)); }
public async void WhenHeaderIsAlreadySet_DontSetTheHeader() { // Arrange const string presetHeader = "max-age=1"; _stubResponse.Headers.Add(HstsHeaderName, new[] { presetHeader }); var middleware = new HstsMiddleware(null); // Act await middleware.Invoke(_mockContext.Object); _stubResponse.InvokeOnSendingHeaders(); // Assert Assert.AreEqual(presetHeader, _mockContext.Object.Response.Headers[HstsHeaderName]); }
public async void WhenHeaderIsAlreadySetAndOverrideIsSet_SetTheHeader() { // Arrange const string presetHeader = "max-age=1"; var settings = new HstsSettings { OverwriteExisting = true }; _stubResponse.Headers.Add(HstsHeaderName, new[] { presetHeader }); var middleware = new HstsMiddleware(null, settings); // Act await middleware.Invoke(_mockContext.Object); _stubResponse.InvokeOnSendingHeaders(); // Assert Assert.AreEqual(settings.GenerateResponseValue(), _mockContext.Object.Response.Headers[HstsHeaderName]); }
public HstsConfigurationMiddleware(IOptions <HostHstsOptions> hostHstsOptions) { RequestDelegate contextNext = async context => { if (context.Items.Remove(ScriptConstants.HstsMiddlewareRequestDelegate, out object requestDelegate) && requestDelegate is RequestDelegate next) { await next(context); } }; if (hostHstsOptions.Value.IsEnabled) { var hstsMiddleware = new HstsMiddleware(contextNext, hostHstsOptions); _invoke = hstsMiddleware.Invoke; } else { _invoke = contextNext; } }
public async Task HstsHeaderIsNotIncluded_WhenRequestHeadersAlreadyContainHstsHeader() { RequestDelegate mockNext = (HttpContext ctx) => { return(Task.CompletedTask); }; var options = Options.Create(new HstsOptions() { Duration = TimeSpan.FromHours(1) }); var sut = new HstsMiddleware(mockNext, options); var mockContext = new DefaultHttpContext(); mockContext.Request.Scheme = "https"; mockContext.Response.Headers.Add("Strict-Transport-Security", "max-age=31536000"); await sut.Invoke(mockContext); //Invoke throws System.ArgumentException if it tries to add the header again }