public void MergeOverrides_HeaderConfiguredAndDirectivesNotConfigured_MergesHeaderConfigAndInitializesDirectives()
{
var sourceConfig = new CspOverrideConfiguration {
Enabled = false, EnabledOverride = true
};
var destinationConfig = new CspConfiguration(false)
{
Enabled = true
};
_mapper.MergeOverrides(sourceConfig, destinationConfig);
var directives = CspCommonDirectives.Directives().ToArray();
Assert.IsFalse(destinationConfig.Enabled);
foreach (var directive in directives)
{
Assert.IsNotNull(_mapper.GetCspDirectiveConfig(destinationConfig, directive));
}
Assert.IsNotNull(destinationConfig.PluginTypesDirective);
Assert.IsNotNull(destinationConfig.SandboxDirective);
Assert.IsNotNull(destinationConfig.UpgradeInsecureRequestsDirective);
Assert.IsNotNull(destinationConfig.ReportUriDirective);
}
public void MergeConfiguration_SourceAndTargetDirectivesConfigured_MergesHeaderAttributesAndSourceDirectives()
{
var sourceConfig = new CspConfiguration {
Enabled = false
};
var destinationConfig = new CspConfiguration {
Enabled = true
};
_mapper.MergeConfiguration(sourceConfig, destinationConfig);
var directives = CspCommonDirectives.Directives().ToArray();
Assert.IsFalse(destinationConfig.Enabled);
foreach (var directive in directives)
{
Assert.AreSame(_mapper.GetCspDirectiveConfig(sourceConfig, directive), _mapper.GetCspDirectiveConfig(destinationConfig, directive));
}
Assert.AreSame(sourceConfig.PluginTypesDirective, destinationConfig.PluginTypesDirective);
Assert.AreSame(sourceConfig.SandboxDirective, destinationConfig.SandboxDirective);
Assert.AreSame(sourceConfig.UpgradeInsecureRequestsDirective, destinationConfig.UpgradeInsecureRequestsDirective);
Assert.AreSame(sourceConfig.ReportUriDirective, destinationConfig.ReportUriDirective);
}
public void MergeConfiguration_SourceAndTargetDirectivesNotConfigured_MergesHeaderAttributesAndInitializesDirectives()
{
var sourceConfig = new CspConfiguration(false)
{
Enabled = false
};
var destinationConfig = new CspConfiguration(false)
{
Enabled = true
};
_mapper.MergeConfiguration(sourceConfig, destinationConfig);
var directives = new CspCommonDirectives().ToArray();
Assert.False(destinationConfig.Enabled);
foreach (var directive in directives)
{
Assert.NotNull(_mapper.GetCspDirectiveConfig(destinationConfig, directive));
}
Assert.NotNull(destinationConfig.PluginTypesDirective);
Assert.NotNull(destinationConfig.SandboxDirective);
Assert.NotNull(destinationConfig.UpgradeInsecureRequestsDirective);
Assert.NotNull(destinationConfig.MixedContentDirective);
Assert.NotNull(destinationConfig.ReportUriDirective);
}
public void GetCspDirectiveConfig_DirectiveSet_ReturnsDirective()
{
var directives = CspCommonDirectives.Directives().ToArray();
var config = new CspConfiguration(false);
foreach (var directive in directives)
{
_mapper.SetCspDirectiveConfig(config, directive, new CspDirectiveConfiguration {
Nonce = directive.ToString()
});
}
foreach (var directive in directives)
{
var directiveConfig = _mapper.GetCspDirectiveConfig(config, directive);
Assert.IsNotNull(directiveConfig);
Assert.AreEqual(directive.ToString(), directiveConfig.Nonce);
}
}
public void MergeConfiguration_SourceDirectivesMissingAndTargetDirectivesConfigured_MergesHeaderAttributesAndKeepsTargetDirectives()
{
var directives = new CspCommonDirectives().ToArray();
var sourceConfig = new CspConfiguration(false)
{
Enabled = false
};
var destinationConfig = new CspConfiguration {
Enabled = true
};
var expectedConfig = new CspConfiguration
{
Enabled = destinationConfig.Enabled,
PluginTypesDirective = destinationConfig.PluginTypesDirective,
SandboxDirective = destinationConfig.SandboxDirective,
UpgradeInsecureRequestsDirective = destinationConfig.UpgradeInsecureRequestsDirective,
MixedContentDirective = destinationConfig.MixedContentDirective,
ReportUriDirective = destinationConfig.ReportUriDirective
};
//Poor man's clone, to get directives from destinationconfig to expected config.
foreach (var directive in directives)
{
_mapper.SetCspDirectiveConfig(expectedConfig, directive, _mapper.GetCspDirectiveConfig(destinationConfig, directive));
}
_mapper.MergeConfiguration(sourceConfig, destinationConfig);
Assert.False(destinationConfig.Enabled);
foreach (var directive in directives)
{
Assert.Same(_mapper.GetCspDirectiveConfig(expectedConfig, directive), _mapper.GetCspDirectiveConfig(destinationConfig, directive));
}
Assert.Same(expectedConfig.PluginTypesDirective, destinationConfig.PluginTypesDirective);
Assert.Same(expectedConfig.SandboxDirective, destinationConfig.SandboxDirective);
Assert.Same(expectedConfig.UpgradeInsecureRequestsDirective, destinationConfig.UpgradeInsecureRequestsDirective);
Assert.Same(expectedConfig.MixedContentDirective, destinationConfig.MixedContentDirective);
Assert.Same(expectedConfig.ReportUriDirective, destinationConfig.ReportUriDirective);
}
public void MergeOverrides_HeaderConfiguredAndDirectivesConfigured_MergesHeaderAndDirectives()
{
var directives = new CspCommonDirectives().ToArray();
var sourceConfig = new CspOverrideConfiguration {
Enabled = false, EnabledOverride = true
};
foreach (var directive in directives)
{
_mapper.SetCspDirectiveConfig(sourceConfig, directive, new CspDirectiveConfiguration {
Nonce = directive.ToString()
});
}
sourceConfig.PluginTypesDirective = new CspPluginTypesDirectiveConfiguration();
sourceConfig.SandboxDirective = new CspSandboxDirectiveConfiguration();
sourceConfig.UpgradeInsecureRequestsDirective = new CspUpgradeDirectiveConfiguration();
sourceConfig.MixedContentDirective = new CspMixedContentDirectiveConfiguration();
sourceConfig.ReportUriDirective = new CspReportUriDirectiveConfiguration();
var destinationConfig = new CspConfiguration(false)
{
Enabled = true
};
_mapper.MergeOverrides(sourceConfig, destinationConfig);
Assert.False(destinationConfig.Enabled);
foreach (var directive in directives)
{
var directiveConfig = _mapper.GetCspDirectiveConfig(destinationConfig, directive);
Assert.NotNull(directiveConfig);
Assert.Equal(directive.ToString(), directiveConfig.Nonce);
}
Assert.Same(sourceConfig.PluginTypesDirective, destinationConfig.PluginTypesDirective);
Assert.Same(sourceConfig.SandboxDirective, destinationConfig.SandboxDirective);
Assert.Same(sourceConfig.UpgradeInsecureRequestsDirective, destinationConfig.UpgradeInsecureRequestsDirective);
Assert.Same(sourceConfig.MixedContentDirective, destinationConfig.MixedContentDirective);
Assert.Same(sourceConfig.ReportUriDirective, destinationConfig.ReportUriDirective);
}
public void MergeOverrides_HeaderNotConfiguredAndDirectivesConfigured_MergesDirectives()
{
var directives = CspCommonDirectives.Directives().ToArray();
var sourceConfig = new CspOverrideConfiguration {
Enabled = false, EnabledOverride = false
};
foreach (var directive in directives)
{
_mapper.SetCspDirectiveConfig(sourceConfig, directive, new CspDirectiveConfiguration {
Nonce = directive.ToString()
});
}
sourceConfig.PluginTypesDirective = new CspPluginTypesDirectiveConfiguration();
sourceConfig.SandboxDirective = new CspSandboxDirectiveConfiguration();
sourceConfig.ReportUriDirective = new CspReportUriDirectiveConfiguration();
var destinationConfig = new CspConfiguration(false)
{
Enabled = true
};
_mapper.MergeOverrides(sourceConfig, destinationConfig);
Assert.IsTrue(destinationConfig.Enabled);
foreach (var directive in directives)
{
var directiveConfig = _mapper.GetCspDirectiveConfig(destinationConfig, directive);
Assert.IsNotNull(directiveConfig);
Assert.AreEqual(directive.ToString(), directiveConfig.Nonce);
}
Assert.AreSame(sourceConfig.PluginTypesDirective, destinationConfig.PluginTypesDirective);
Assert.AreSame(sourceConfig.SandboxDirective, destinationConfig.SandboxDirective);
Assert.AreSame(sourceConfig.ReportUriDirective, destinationConfig.ReportUriDirective);
}
