internal DefaultCorsPolicyService(CorsPolicy policy)
{
if (policy == null) throw new ArgumentNullException("policy");
AllowedOrigins = policy.AllowedOrigins;
policyCallback = policy.PolicyCallback;
}
public void GetCorsPolicyAsync_NoAllowedOriginsNoCallback_DoesNotAllowOrigin()
{
var policy = new CorsPolicy();
var subject = new CorsPolicyProvider(policy, new string[] { "/" });
var cp = subject.GetCorsPolicyAsync(Request("http://foo.com")).Result;
Assert.IsNull(cp);
}
public CorsPolicyProvider(CorsPolicy policy, string[] allowedPaths)
{
if (policy == null) throw new ArgumentNullException("policy");
if (allowedPaths == null) throw new ArgumentNullException("allowedPaths");
this.policy = policy;
this.paths = allowedPaths.Select(path => Normalize(path)).ToArray();
}
public static void UseCors(this IAppBuilder app, CorsPolicy policy)
{
if (policy != null)
{
app.UseCors(new Microsoft.Owin.Cors.CorsOptions
{
PolicyProvider = new CorsPolicyProvider(policy, Constants.RoutePaths.CorsPaths)
});
}
}
public void GetCorsPolicyAsync_OriginIsInAllowedOrigins_AllowOrigin()
{
var origin = "http://foo.com";
var policy = new CorsPolicy();
policy.AllowedOrigins.Add(origin);
var subject = new CorsPolicyProvider(policy, new string[] { "/" });
var cp = subject.GetCorsPolicyAsync(Request(origin)).Result;
AssertAllowed(origin, cp);
}
public void ctor_UsesCorsPolicyCallback()
{
var wasCalled = false;
var policy = new CorsPolicy();
Func<string, Task<bool>> func = s => { wasCalled = true; return Task.FromResult(true); };
policy.PolicyCallback = func;
subject = new DefaultCorsPolicyService(policy);
var result = subject.IsOriginAllowedAsync("http://foo").Result;
result.Should().Be(true);
wasCalled.Should().Be(true);
}
public void ctor_CopiesCorsPolicyOrigins()
{
var policy = new CorsPolicy();
policy.AllowedOrigins.Add("http://foo");
policy.AllowedOrigins.Add("http://bar");
policy.AllowedOrigins.Add("http://baz");
Func<string, Task<bool>> func = s => Task.FromResult(true);
policy.PolicyCallback = func;
subject = new DefaultCorsPolicyService(policy);
subject.AllowedOrigins.ShouldAllBeEquivalentTo(new string[] { "http://foo", "http://bar", "http://baz" });
}
public void GetCorsPolicyAsync_OriginIsInAllowedOriginsButNoOriginRequested_DoesNotAllowOrigin()
{
var origin = "http://foo.com";
var policy = new CorsPolicy();
policy.AllowedOrigins.Add(origin);
var subject = new CorsPolicyProvider(policy, new string[] { "/" });
var cp = subject.GetCorsPolicyAsync(Request(null)).Result;
Assert.IsNull(cp);
}
public void GetCorsPolicyAsync_CallbackDoesNotAllowOrigin_DoesNotAllowOrigin()
{
var origin = "http://foo.com";
var policy = new CorsPolicy();
policy.PolicyCallback = o => Task.FromResult(false);
var subject = new CorsPolicyProvider(policy, new string[] { "/" });
var cp = subject.GetCorsPolicyAsync(Request(origin)).Result;
Assert.IsNull(cp);
}
public void GetCorsPolicyAsync_CallbackAllowOriginButNoOriginRequested_DoesNotAllowOrigin()
{
var policy = new CorsPolicy();
policy.PolicyCallback = o => Task.FromResult(true);
var subject = new CorsPolicyProvider(policy, new string[] { "/" });
var cp = subject.GetCorsPolicyAsync(Request()).Result;
Assert.IsNull(cp);
}
