public void GetFilter_NonXsrfMethods_ReturnsNull()
{
foreach (var method in _nonXsrfMethods)
{
_fakeContext = MvcMockHelpers.FakeHttpContext();
_fakeContext.Request.SetHttpMethodResult(method);
_output.WriteLine("HttpMethod => {0}", method);
var postResult = XsrfFilter.GetFilter(_fakeContext.Request, new object[0]);
Assert.False(_fakeContext.Request.IsAjaxRequest());
Assert.Equal(method, _fakeContext.Request.HttpMethod);
Assert.Null(postResult);
}
}
public void GetFilter_XsrfMethods_ReturnsValidateAntiForgeryTokenAttribute()
{
foreach (var method in XsrfFilter.XsrfMethods)
{
_fakeContext = MvcMockHelpers.FakeHttpContext();
_fakeContext.Request.SetHttpMethodResult(method);
_output.WriteLine("HttpMethod => {0}", method);
var postResult = XsrfFilter.GetFilter(_fakeContext.Request, new object[0]);
Assert.False(_fakeContext.Request.IsAjaxRequest());
Assert.Equal(method, _fakeContext.Request.HttpMethod);
Assert.IsType <ValidateAntiForgeryTokenAttribute>(postResult);
}
}
public void GetFilter_XsrfMethodsIsAjaxWithIgnoreAttribute_ReturnsNull()
{
foreach (var method in XsrfFilter.XsrfMethods)
{
_fakeContext = MvcMockHelpers.FakeHttpContext();
_fakeContext.Request.SetHttpMethodResult(method);
_fakeContext.Request.SetAjaxHeaders();
_output.WriteLine("HttpMethod => {0}", method);
var postResult = XsrfFilter.GetFilter(
_fakeContext.Request,
new object[] { new IgnoreXsrfFilterAttribute() }
);
Assert.True(_fakeContext.Request.IsAjaxRequest());
Assert.Equal(method, _fakeContext.Request.HttpMethod);
Assert.Null(postResult);
}
}
