예제 #1
0
        public void CheckIfRestRequest_Cookies_WhenAjaxCSRFTokenInvalid_ThenTokenShouldBeSentFirst()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax");
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.QueryString.Add("xtags-token", "Invalid token");

            httpContextInfo.Cookies.Add(new HttpCookie("a"));
            httpContextInfo.Cookies["a"].Value = "Invalid";

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onGet: EmptyGetHandler, useCsrfCookies: true), new RenderHtml());

            var responseText = result.ResponseText.ToString();

            Assert.IsTrue(responseText.StartsWith("{\"xtags-renew-token\":\""));
            Assert.IsTrue(responseText.EndsWith("\"}"));
            Assert.AreEqual(result.ContentType, "text/plain");
            Assert.AreEqual(result.ResponseCookies["a"].Value, responseText.Replace("{\"xtags-renew-token\":\"", string.Empty).Replace("\"}", string.Empty));
        }
예제 #2
0
        public void FixPathToFileOrHttpPath_WhenNoHttpContextButNoTilde_ThenReturnsBasedOnAbsoluteApplicationPath()
        {
            var link = "/somewhere/else";

            var xContext = new xContext(new HttpContextInfo());

            var transformedLink = xContext.FixPathToFileOrHttpPath(link);

            Assert.AreEqual("/somewhere/else", transformedLink);
        }
예제 #3
0
        public void FixPathToFileOrHttpPath_WhenNoHttpContext_ThenReturnsBasedOnAbsoluteApplicationPath()
        {
            var link = "~/somewhere/else";

            var xContext = new xContext(new HttpContextInfo());

            var transformedLink = xContext.FixPathToFileOrHttpPath(link);

            Assert.AreEqual(AppDomain.CurrentDomain.BaseDirectory + "\\somewhere\\else", transformedLink);
        }
예제 #4
0
        public void FixPathToWebPath_WhenNoHttpContext_ThenReturnsBasedOnAbsoluteApplicationPath()
        {
            var link = "~/somewhere/else";

            var xContext = new xContext(new HttpContextInfo());

            var transformedLink = xContext.FixPathToWebPath(link);

            Assert.IsTrue(transformedLink.StartsWith("/"));
            Assert.IsTrue(transformedLink.EndsWith("/somewhere/else"));
        }
예제 #5
0
        public void Databind_WhenBoundToArray_ThenNodesAreTheSameNumber()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a'><span /></template></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new Databind(new[] { "One", "Two", "Three" }));

            Assert.AreEqual(result.xTag.Children.Count, 3);
        }
예제 #6
0
        public void RenderOfflineManifest_WhenNoLibraryIsRendered_ThenItHasAnEmptyManifest()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a'><span /></template></r>");

            var result = new xContext(new HttpContextInfo())
                .Do(new RenderOfflineManifest(new string[0]));

            var resultText = result.ResponseText.ToString();
            Assert.AreEqual(result.ContentType, "text/cache-manifest");
            Assert.IsTrue(resultText.StartsWith("CACHE MANIFEST\n# Last-modified:"));
        }
예제 #7
0
        public void RenderHtml_WhenLcidIsSetOnHtmlTag_ThenLanguageIsRenderedOnHtml()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template tag='html' /></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template", lcid: 1033))
                              .Do(new RenderHtml());

            // Structural elements
            Assert.IsTrue(result.ResponseText.ToString().Contains("<html lang='en'"));
        }
예제 #8
0
        public void RenderHtml_WhenNoHttpContext_ThenCheckIfRestRequestReturnsNull()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' /></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .DoFirst(x => x != null, new CheckIfRestRequest(), new RenderHtml());

            var responseText = result.ResponseText.ToString();
            Assert.AreEqual(responseText, "<div id='a'></div>");
        }
예제 #9
0
        public void RenderHtml_WhenOneTagTemplate_ThenDivIsRenderedAsHtml()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' /></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new RenderHtml());

            // Structural elements
            Assert.AreEqual(result.ResponseText.ToString(), "<div id='a'></div>");
        }
예제 #10
0
        public void Databind_WhenBoundToObjectFromJsonAndDataboundToProperty_ThenNodesHaveTheText()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a'><span>#{this.data()}</span></template></r>");

            var boundObject = JsonConvert.DeserializeObject("{ data:'One' }");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new Databind(boundObject));

            Assert.AreEqual(1, result.xTag.Children.Count);
            Assert.AreEqual("One", result.xTag.Children[0].Children[0].Text);
        }
예제 #11
0
        public void SaveTag_Session_WhenTagIsSaved_ThenIsLoadedAgain()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' modetype='session'><data type='text/name-value' name='test'><![CDATA[starting value]]></data></template></r>");
            var persistedValue = "New value";

            var httpContextInfo = new HttpContextInfo();

            var xTagContext = new xContext(httpContextInfo).Do(new LoadLibrary(doc)).Do(new CreateTag("template"));
            xTagContext.xTag.Data["test"] = persistedValue;
            xTagContext.Do(new SaveTag());

            var xTagContext2 = new xContext(httpContextInfo).Do(new LoadLibrary(doc)).Do(new CreateTag("template")).Do(new LoadTag());

            Assert.AreEqual(xTagContext2.xTag.Data["test"], persistedValue);
        }
예제 #12
0
        public void Databind_WhenBoundToArrayOfObjectsAndDataboundToProperty_ThenNodesHaveTheText()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a'><span>#{this.data()}</span></template></r>");

            object boundObject = new[]
                                 {
                                     new { data = "One" },
                                     new { data = "Two" },
                                     new { data = "Three" }
                                 };

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new Databind(boundObject));

            Assert.AreEqual(result.xTag.Children.Count, 3);
            Assert.AreEqual(result.xTag.Children[0].Children[0].Text, "One");
            Assert.AreEqual(result.xTag.Children[1].Children[0].Text, "Two");
            Assert.AreEqual(result.xTag.Children[2].Children[0].Text, "Three");
        }
예제 #13
0
        public void RenderHtml_WhenHtmlTemplate_ThenHasHtmlTextOnOutput()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template tag='html'><head /><body /></template></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new RenderHtml());

            var responseText = result.ResponseText.ToString();
            // Structural elements
            Assert.IsTrue(responseText.Contains("<html><head>"));
            Assert.IsTrue(responseText.Contains("</head><body id='__body'>"));
            Assert.IsTrue(responseText.Contains("</body>"));
            // Clickjacking
            Assert.IsNotNull(result.ResponseHeaders["X-Frame-Options"]);
            Assert.IsTrue(responseText.Contains("top.location.replace(self.location.href);"));
            // Javascript Libraries
            Assert.IsTrue(responseText.Contains(RenderPageJavascript.jQueryUri));
            Assert.IsTrue(responseText.Contains(RenderPageJavascript.xTagUri));
            // No style
            Assert.IsFalse(responseText.Contains("<style"));
        }
예제 #14
0
        public void Datasource_WhenBoundToArrayOfObjectsAndADatasourceIsIncluded_ThenNodeHaveTheText()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a'><span>Not bound</span><span datasource='BoundSource'><span>#{this.data()}</span></span></template></r>");

            object boundObject = new
                                 {
                                     BoundSource = new
                                                   {
                                                       data = "One"
                                                   }
                                 };

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new Databind(boundObject));

            Assert.AreEqual(2, result.xTag.Children.Count);
            Assert.AreEqual(1, result.xTag.Children[1].Children.Count);
            Assert.AreEqual(1, result.xTag.Children[1].Children[0].Children.Count);
            Assert.AreEqual("One", result.xTag.Children[1].Children[0].Children[0].Text);
        }
예제 #15
0
        public void CheckIfRestRequest_FormPost_WhenCSRFTokenIsValidButValuesAreMixedBetweenFormAndQuerystring_ThenTheHandlerShouldNotBeExecuted()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var validToken = "valid-token";

            var httpContextInfo = new HttpContextInfo(httpMethod: "POST");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.Form.Add("xtags-token", validToken);

            httpContextInfo.Session("a", validToken);

            var isMethodCalled = false;

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onPost: (tag, isAjax) =>
                    {
                        isMethodCalled = true;
                    }), new RenderHtml());

            var responseText = result.ResponseText.ToString();
            Assert.AreEqual(responseText, "<div id='a'></div>");
            Assert.AreEqual(result.ContentType, "text/html");
            Assert.IsFalse(isMethodCalled);
        }
예제 #16
0
        public void CheckIfRestRequest_FormPost_WhenAjaxCSRFTokenIsValid_ThenGetRequestShouldBeAjax()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var validToken = "valid-token";

            var httpContextInfo = new HttpContextInfo(httpMethod: "POST");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.Form.Add("xtags-token", validToken);

            httpContextInfo.Session("a", validToken);

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onPost: (context, isAjax) =>
                    {
                        Assert.IsFalse(isAjax);
                        Assert.AreEqual(context.xTag.Id, "a");
                    }), new RenderHtml());

            var responseText = result.ResponseText.ToString();
            Assert.AreEqual(responseText, "<div id='a'></div>");
            Assert.AreEqual(result.ContentType, "text/html");
        }
예제 #17
0
        public void RenderHtml_WhenUriWithTilde_ThenCheckIfLoadsTheFile()
        {
            const string xmlTemplate =
                "<?xml version=\"1.0\"?><r><template id=\"a\"><data type=\"text/javascript-events\" src=\"~/file.xml\" /></template></r>";

            var doc = new XmlDocument();
            doc.LoadXml(xmlTemplate);
            using (var writer = new XmlTextWriter("file.xml", null))
            {
                writer.Formatting = Formatting.None;
                doc.Save(writer);
            }

            var result =
                new xContext(new HttpContextInfo()).Do(new LoadLibrary(doc))
                                                   .Do(new CreateTag("template"));

            var responseText = result.Do(new RenderHtml()).ResponseText.ToString();
            Assert.AreEqual(responseText, "<div id='a'></div>");
            Assert.AreEqual(result.xTag.EventsData, xmlTemplate);
        }
예제 #18
0
        public void CheckIfRestRequest_Session_WhenAjaxHasCallback_ThenJsonpResponseRendered()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var validToken = "valid-token";

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax");
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.QueryString.Add("xtags-token", validToken);
            httpContextInfo.QueryString.Add("callback", "callbackMethod");

            httpContextInfo.Session("a", validToken);

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) =>
                    {
                        Assert.IsTrue(isAjax);
                        Assert.AreEqual(context.xTag.Id, "a");
                    }), new RenderHtml())
                    .Do(new RenderJsonpIfRequested());

            var responseText = result.ResponseText.ToString();

            Assert.IsTrue(responseText.StartsWith("callbackMethod(\"(function(){"));
            Assert.IsTrue(responseText.Contains("'a'"));
            Assert.IsTrue(responseText.Contains("'" + httpContextInfo.PageUri() + "'"));
            Assert.IsTrue(responseText.EndsWith("})();\");"));
            Assert.AreEqual(result.ContentType, "text/javascript");
        }
예제 #19
0
        public void CheckIfRestRequest_WhenAjaxSentWithoutCSRFTokenWhenCSRFIsDisabled_ThenNormalAjaxRequest()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='b' mode='Server' /></r>");

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax");
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "b");

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) =>
                    {
                        Assert.IsTrue(isAjax);
                        Assert.AreEqual(context.xTag.Id, "b");
                    }, csrfProtectionEnabled: false), new RenderHtml());

            Assert.AreEqual(result.ContentType, "text/plain");
            Assert.IsNull(httpContextInfo.Session("b"));
            Assert.IsNull(result.ResponseCookies["b"]);
        }
예제 #20
0
        public void CheckIfRestRequest_Session_WhenAjaxIsValidValuesOnlyRequest_ThenJsonResponseRendered()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var validToken = "valid-token";

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax");
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.QueryString.Add("xtags-token", validToken);
            httpContextInfo.QueryString.Add("callback", "callbackMethod");
            httpContextInfo.QueryString.Add("xtags-values-only", "xtags-values-only");

            httpContextInfo.Session("a", validToken);

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) =>
                    {
                        Assert.IsTrue(isAjax);
                        Assert.AreEqual(context.xTag.Id, "a");
                    }), new RenderHtml());

            var responseText = result.ResponseText.ToString();
            var json = JsonConvert.DeserializeObject(responseText);
            Assert.AreEqual(result.ContentType, "text/plain");
        }
예제 #21
0
        public void CheckIfRestRequest_Cookie_WhenAjaxCSRFTokenIsValid_ThenGetRequestShouldBeAjax()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var validToken = "valid-token";

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax");
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.QueryString.Add("xtags-token", validToken);

            httpContextInfo.Cookies.Add(new HttpCookie("a"));
            httpContextInfo.Cookies["a"].Value = validToken;

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) =>
                    {
                        Assert.IsTrue(isAjax);
                        Assert.AreEqual(context.xTag.Id, "a");
                    }, useCsrfCookies: true), new RenderHtml());

            var responseText = result.ResponseText.ToString();

            Assert.IsTrue(responseText.StartsWith("(function(){"));
            Assert.IsTrue(responseText.Contains("'a'"));
            Assert.IsTrue(responseText.Contains("'" + httpContextInfo.PageUri() + "'"));
            Assert.IsTrue(responseText.EndsWith("})();"));
            Assert.AreEqual(result.ContentType, "text/plain");
        }
예제 #22
0
        public void CheckIfRestRequest_WhenRequestBeenSendForNotAServerTemplate_ThenNormaHtmlShouldBeProcessed()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' /></r>");

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax");
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "a");

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(), new RenderHtml());

            var responseText = result.ResponseText.ToString();
            Assert.AreEqual(responseText, "<div id='a'></div>");
        }
예제 #23
0
        public void RenderPageHeadCss_WhenOneTagTemplate_ThenClickjackingButNoStyleTagIsRendered()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' /></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Parent
                              .Do(new RenderPageHeadCss());

            var responseText = result.ResponseText.ToString();
            // Clickjacking
            Assert.IsNotNull(result.ResponseHeaders["X-Frame-Options"]);
            Assert.IsTrue(responseText.Contains("top.location.replace(self.location.href);"));
            // Does not contain style
            Assert.IsFalse(responseText.Contains("<style"));
        }
예제 #24
0
        public void RenderPageBodyCss_WhenOneTagTemplate_ThenNoStyleTagIsRendered()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' /></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Parent
                              .Do(new RenderPageBodyCss());

            // No garbage is rendered when having no styles
            Assert.IsTrue(string.IsNullOrEmpty(result.ResponseText.ToString()));
        }
예제 #25
0
        public void RenderPageBodyCssJsHtml_WhenOneTagTemplate_ThenDivIsRenderedInHtmlCssJavascript()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' /></r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new RenderPageBodyCssJsHtml());

            var responseText = result.ResponseText.ToString();
            // Structural elements
            Assert.IsTrue(responseText.Contains("<div id='a'></div>"));
            // Javascript Libraries
            Assert.IsTrue(responseText.Contains(RenderPageJavascript.jQueryUri));
            Assert.IsTrue(responseText.Contains(RenderPageJavascript.xTagUri));
            // No style
            Assert.IsFalse(responseText.Contains("<style"));
        }
예제 #26
0
        public void Databind_WhenBoundToXml_ThenChildNodesHaveTheCorrectText()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' datasource='/r/a'><span>#{this.Text()}</span></template></r>");

            var dataDoc = new XmlDocument();
            dataDoc.LoadXml("<r> <a>1</a> <a>2</a> <a>3</a> </r>");

            var result =
                new xContext().Do(new LoadLibrary(doc))
                              .Do(new CreateTag("template"))
                              .Do(new Databind(dataDoc));

            Assert.AreEqual(result.xTag.Children.Count, 3);
            Assert.AreEqual(result.xTag.Children[0].Children[0].Text, "1");
            Assert.AreEqual(result.xTag.Children[1].Children[0].Text, "2");
            Assert.AreEqual(result.xTag.Children[2].Children[0].Text, "3");
        }
예제 #27
0
        public void CheckIfRestRequest_FormGet_WhenAjaxCSRFTokenInvalid_ThenServerGetIsNotRequestedAndJustRenderResponse()
        {
            var doc = new XmlDocument();
            doc.LoadXml("<r><template id='a' mode='Server' /></r>");

            var validToken = "valid-token";

            var httpContextInfo = new HttpContextInfo();
            httpContextInfo.QueryString.Add("xtags-http-method", "GET");
            httpContextInfo.QueryString.Add("xtags-id", "a");
            httpContextInfo.QueryString.Add("xtags-token", validToken);

            httpContextInfo.Session("a", "invalid-token");

            var isMethodCalled = false;

            var result =
                new xContext(httpContextInfo)
                    .Do(new LoadLibrary(doc))
                    .Do(new CreateTag("template"))
                    .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (tag, isAjax) =>
                    {
                        isMethodCalled = true;
                    }), new RenderHtml());

            var responseText = result.ResponseText.ToString();
            Assert.AreEqual(responseText, "<div id='a'></div>");
            Assert.AreEqual(result.ContentType, "text/html");
            Assert.IsFalse(isMethodCalled);
        }