public void TryUpgradeInsecureRequest_UpgradeEnabledAndUpgradableRequest_RedirectsAndReturnsTrue()
{
_response.Setup(r => r.AppendHeader(It.IsAny<string>(), It.IsAny<string>()));
_response.Setup(r => r.Redirect(It.IsAny<string>(), false));
_response.Setup(r => r.End());
SetRequestUri("http://www.nwebsec.com");
SetSecureConnection(false);
var cspConfig = new CspConfiguration
{
Enabled = true,
UpgradeInsecureRequestsDirective = { Enabled = true }
};
var helper = new CspUpgradeInsecureRequestHelper(cspConfig);
Assert.IsTrue(helper.TryUpgradeInsecureRequest(_context.Object));
_response.Verify(r => r.AppendHeader("Vary", "Upgrade-Insecure-Requests"), Times.Once);
_response.Verify(r => r.Redirect("https://www.nwebsec.com/", false), Times.Once);
_response.Verify(r => r.End(), Times.Once);
Assert.AreEqual(307, _response.Object.StatusCode);
}
public void TryUpgradeInsecureRequest_CspDisabledAndHttpRequest_ReturnsFalse()
{
SetSecureConnection(false);
var cspConfig = new CspConfiguration
{
Enabled = false,
UpgradeInsecureRequestsDirective = { Enabled = true }
};
var helper = new CspUpgradeInsecureRequestHelper(cspConfig);
Assert.IsFalse(helper.TryUpgradeInsecureRequest(_context.Object));
Assert.AreEqual(200, _response.Object.StatusCode);
}