//TODO It might make sense to allow reporting to be enabled without reportUri's, they might be defined in middleware
//TODO Add unit tests for this?
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (_directive.Enabled && _directive.ReportUris == null)
{
throw CreateAttributeException("You need to supply at least one Reporturi to enable the reporturi directive.");
}
_configurationOverrideHelper.SetCspReportUriOverride(filterContext.HttpContext, _directive, ReportOnly);
base.OnActionExecuting(filterContext);
}
public void SetCspReportUriOverride_ReportUriDisabledAndOverridden_ReturnsOverridenReportUri([Values(false, true)] bool reportOnly)
{
var overrideConfig = new CspOverrideConfiguration();
_contextHelper.Setup(h => h.GetCspConfigurationOverride(It.IsAny <HttpContextBase>(), reportOnly, false)).Returns(overrideConfig);
var reportUri = new CspReportUriDirectiveConfiguration {
Enabled = true, EnableBuiltinHandler = true
};
CspConfigurationOverrideHelper.SetCspReportUriOverride(MockContext, reportUri, reportOnly);
Assert.IsTrue(overrideConfig.ReportUriDirective.Enabled);
Assert.IsTrue(overrideConfig.ReportUriDirective.EnableBuiltinHandler);
}
