public void CheckIfRestRequest_Cookies_WhenAjaxCSRFTokenInvalid_ThenTokenShouldBeSentFirst() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax"); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.QueryString.Add("xtags-token", "Invalid token"); httpContextInfo.Cookies.Add(new HttpCookie("a")); httpContextInfo.Cookies["a"].Value = "Invalid"; var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onGet: EmptyGetHandler, useCsrfCookies: true), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.IsTrue(responseText.StartsWith("{\"xtags-renew-token\":\"")); Assert.IsTrue(responseText.EndsWith("\"}")); Assert.AreEqual(result.ContentType, "text/plain"); Assert.AreEqual(result.ResponseCookies["a"].Value, responseText.Replace("{\"xtags-renew-token\":\"", string.Empty).Replace("\"}", string.Empty)); }
public void FixPathToFileOrHttpPath_WhenNoHttpContextButNoTilde_ThenReturnsBasedOnAbsoluteApplicationPath() { var link = "/somewhere/else"; var xContext = new xContext(new HttpContextInfo()); var transformedLink = xContext.FixPathToFileOrHttpPath(link); Assert.AreEqual("/somewhere/else", transformedLink); }
public void FixPathToFileOrHttpPath_WhenNoHttpContext_ThenReturnsBasedOnAbsoluteApplicationPath() { var link = "~/somewhere/else"; var xContext = new xContext(new HttpContextInfo()); var transformedLink = xContext.FixPathToFileOrHttpPath(link); Assert.AreEqual(AppDomain.CurrentDomain.BaseDirectory + "\\somewhere\\else", transformedLink); }
public void FixPathToWebPath_WhenNoHttpContext_ThenReturnsBasedOnAbsoluteApplicationPath() { var link = "~/somewhere/else"; var xContext = new xContext(new HttpContextInfo()); var transformedLink = xContext.FixPathToWebPath(link); Assert.IsTrue(transformedLink.StartsWith("/")); Assert.IsTrue(transformedLink.EndsWith("/somewhere/else")); }
public void Databind_WhenBoundToArray_ThenNodesAreTheSameNumber() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a'><span /></template></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new Databind(new[] { "One", "Two", "Three" })); Assert.AreEqual(result.xTag.Children.Count, 3); }
public void RenderOfflineManifest_WhenNoLibraryIsRendered_ThenItHasAnEmptyManifest() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a'><span /></template></r>"); var result = new xContext(new HttpContextInfo()) .Do(new RenderOfflineManifest(new string[0])); var resultText = result.ResponseText.ToString(); Assert.AreEqual(result.ContentType, "text/cache-manifest"); Assert.IsTrue(resultText.StartsWith("CACHE MANIFEST\n# Last-modified:")); }
public void RenderHtml_WhenLcidIsSetOnHtmlTag_ThenLanguageIsRenderedOnHtml() { var doc = new XmlDocument(); doc.LoadXml("<r><template tag='html' /></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template", lcid: 1033)) .Do(new RenderHtml()); // Structural elements Assert.IsTrue(result.ResponseText.ToString().Contains("<html lang='en'")); }
public void RenderHtml_WhenNoHttpContext_ThenCheckIfRestRequestReturnsNull() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' /></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.AreEqual(responseText, "<div id='a'></div>"); }
public void RenderHtml_WhenOneTagTemplate_ThenDivIsRenderedAsHtml() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' /></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new RenderHtml()); // Structural elements Assert.AreEqual(result.ResponseText.ToString(), "<div id='a'></div>"); }
public void Databind_WhenBoundToObjectFromJsonAndDataboundToProperty_ThenNodesHaveTheText() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a'><span>#{this.data()}</span></template></r>"); var boundObject = JsonConvert.DeserializeObject("{ data:'One' }"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new Databind(boundObject)); Assert.AreEqual(1, result.xTag.Children.Count); Assert.AreEqual("One", result.xTag.Children[0].Children[0].Text); }
public void SaveTag_Session_WhenTagIsSaved_ThenIsLoadedAgain() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' modetype='session'><data type='text/name-value' name='test'><![CDATA[starting value]]></data></template></r>"); var persistedValue = "New value"; var httpContextInfo = new HttpContextInfo(); var xTagContext = new xContext(httpContextInfo).Do(new LoadLibrary(doc)).Do(new CreateTag("template")); xTagContext.xTag.Data["test"] = persistedValue; xTagContext.Do(new SaveTag()); var xTagContext2 = new xContext(httpContextInfo).Do(new LoadLibrary(doc)).Do(new CreateTag("template")).Do(new LoadTag()); Assert.AreEqual(xTagContext2.xTag.Data["test"], persistedValue); }
public void Databind_WhenBoundToArrayOfObjectsAndDataboundToProperty_ThenNodesHaveTheText() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a'><span>#{this.data()}</span></template></r>"); object boundObject = new[] { new { data = "One" }, new { data = "Two" }, new { data = "Three" } }; var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new Databind(boundObject)); Assert.AreEqual(result.xTag.Children.Count, 3); Assert.AreEqual(result.xTag.Children[0].Children[0].Text, "One"); Assert.AreEqual(result.xTag.Children[1].Children[0].Text, "Two"); Assert.AreEqual(result.xTag.Children[2].Children[0].Text, "Three"); }
public void RenderHtml_WhenHtmlTemplate_ThenHasHtmlTextOnOutput() { var doc = new XmlDocument(); doc.LoadXml("<r><template tag='html'><head /><body /></template></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new RenderHtml()); var responseText = result.ResponseText.ToString(); // Structural elements Assert.IsTrue(responseText.Contains("<html><head>")); Assert.IsTrue(responseText.Contains("</head><body id='__body'>")); Assert.IsTrue(responseText.Contains("</body>")); // Clickjacking Assert.IsNotNull(result.ResponseHeaders["X-Frame-Options"]); Assert.IsTrue(responseText.Contains("top.location.replace(self.location.href);")); // Javascript Libraries Assert.IsTrue(responseText.Contains(RenderPageJavascript.jQueryUri)); Assert.IsTrue(responseText.Contains(RenderPageJavascript.xTagUri)); // No style Assert.IsFalse(responseText.Contains("<style")); }
public void Datasource_WhenBoundToArrayOfObjectsAndADatasourceIsIncluded_ThenNodeHaveTheText() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a'><span>Not bound</span><span datasource='BoundSource'><span>#{this.data()}</span></span></template></r>"); object boundObject = new { BoundSource = new { data = "One" } }; var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new Databind(boundObject)); Assert.AreEqual(2, result.xTag.Children.Count); Assert.AreEqual(1, result.xTag.Children[1].Children.Count); Assert.AreEqual(1, result.xTag.Children[1].Children[0].Children.Count); Assert.AreEqual("One", result.xTag.Children[1].Children[0].Children[0].Text); }
public void CheckIfRestRequest_FormPost_WhenCSRFTokenIsValidButValuesAreMixedBetweenFormAndQuerystring_ThenTheHandlerShouldNotBeExecuted() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var validToken = "valid-token"; var httpContextInfo = new HttpContextInfo(httpMethod: "POST"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.Form.Add("xtags-token", validToken); httpContextInfo.Session("a", validToken); var isMethodCalled = false; var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onPost: (tag, isAjax) => { isMethodCalled = true; }), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.AreEqual(responseText, "<div id='a'></div>"); Assert.AreEqual(result.ContentType, "text/html"); Assert.IsFalse(isMethodCalled); }
public void CheckIfRestRequest_FormPost_WhenAjaxCSRFTokenIsValid_ThenGetRequestShouldBeAjax() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var validToken = "valid-token"; var httpContextInfo = new HttpContextInfo(httpMethod: "POST"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.Form.Add("xtags-token", validToken); httpContextInfo.Session("a", validToken); var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onPost: (context, isAjax) => { Assert.IsFalse(isAjax); Assert.AreEqual(context.xTag.Id, "a"); }), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.AreEqual(responseText, "<div id='a'></div>"); Assert.AreEqual(result.ContentType, "text/html"); }
public void RenderHtml_WhenUriWithTilde_ThenCheckIfLoadsTheFile() { const string xmlTemplate = "<?xml version=\"1.0\"?><r><template id=\"a\"><data type=\"text/javascript-events\" src=\"~/file.xml\" /></template></r>"; var doc = new XmlDocument(); doc.LoadXml(xmlTemplate); using (var writer = new XmlTextWriter("file.xml", null)) { writer.Formatting = Formatting.None; doc.Save(writer); } var result = new xContext(new HttpContextInfo()).Do(new LoadLibrary(doc)) .Do(new CreateTag("template")); var responseText = result.Do(new RenderHtml()).ResponseText.ToString(); Assert.AreEqual(responseText, "<div id='a'></div>"); Assert.AreEqual(result.xTag.EventsData, xmlTemplate); }
public void CheckIfRestRequest_Session_WhenAjaxHasCallback_ThenJsonpResponseRendered() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var validToken = "valid-token"; var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax"); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.QueryString.Add("xtags-token", validToken); httpContextInfo.QueryString.Add("callback", "callbackMethod"); httpContextInfo.Session("a", validToken); var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) => { Assert.IsTrue(isAjax); Assert.AreEqual(context.xTag.Id, "a"); }), new RenderHtml()) .Do(new RenderJsonpIfRequested()); var responseText = result.ResponseText.ToString(); Assert.IsTrue(responseText.StartsWith("callbackMethod(\"(function(){")); Assert.IsTrue(responseText.Contains("'a'")); Assert.IsTrue(responseText.Contains("'" + httpContextInfo.PageUri() + "'")); Assert.IsTrue(responseText.EndsWith("})();\");")); Assert.AreEqual(result.ContentType, "text/javascript"); }
public void CheckIfRestRequest_WhenAjaxSentWithoutCSRFTokenWhenCSRFIsDisabled_ThenNormalAjaxRequest() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='b' mode='Server' /></r>"); var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax"); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "b"); var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) => { Assert.IsTrue(isAjax); Assert.AreEqual(context.xTag.Id, "b"); }, csrfProtectionEnabled: false), new RenderHtml()); Assert.AreEqual(result.ContentType, "text/plain"); Assert.IsNull(httpContextInfo.Session("b")); Assert.IsNull(result.ResponseCookies["b"]); }
public void CheckIfRestRequest_Session_WhenAjaxIsValidValuesOnlyRequest_ThenJsonResponseRendered() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var validToken = "valid-token"; var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax"); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.QueryString.Add("xtags-token", validToken); httpContextInfo.QueryString.Add("callback", "callbackMethod"); httpContextInfo.QueryString.Add("xtags-values-only", "xtags-values-only"); httpContextInfo.Session("a", validToken); var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) => { Assert.IsTrue(isAjax); Assert.AreEqual(context.xTag.Id, "a"); }), new RenderHtml()); var responseText = result.ResponseText.ToString(); var json = JsonConvert.DeserializeObject(responseText); Assert.AreEqual(result.ContentType, "text/plain"); }
public void CheckIfRestRequest_Cookie_WhenAjaxCSRFTokenIsValid_ThenGetRequestShouldBeAjax() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var validToken = "valid-token"; var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax"); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.QueryString.Add("xtags-token", validToken); httpContextInfo.Cookies.Add(new HttpCookie("a")); httpContextInfo.Cookies["a"].Value = validToken; var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (context, isAjax) => { Assert.IsTrue(isAjax); Assert.AreEqual(context.xTag.Id, "a"); }, useCsrfCookies: true), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.IsTrue(responseText.StartsWith("(function(){")); Assert.IsTrue(responseText.Contains("'a'")); Assert.IsTrue(responseText.Contains("'" + httpContextInfo.PageUri() + "'")); Assert.IsTrue(responseText.EndsWith("})();")); Assert.AreEqual(result.ContentType, "text/plain"); }
public void CheckIfRestRequest_WhenRequestBeenSendForNotAServerTemplate_ThenNormaHtmlShouldBeProcessed() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' /></r>"); var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-xajax", "xtags-xajax"); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "a"); var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.AreEqual(responseText, "<div id='a'></div>"); }
public void RenderPageHeadCss_WhenOneTagTemplate_ThenClickjackingButNoStyleTagIsRendered() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' /></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Parent .Do(new RenderPageHeadCss()); var responseText = result.ResponseText.ToString(); // Clickjacking Assert.IsNotNull(result.ResponseHeaders["X-Frame-Options"]); Assert.IsTrue(responseText.Contains("top.location.replace(self.location.href);")); // Does not contain style Assert.IsFalse(responseText.Contains("<style")); }
public void RenderPageBodyCss_WhenOneTagTemplate_ThenNoStyleTagIsRendered() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' /></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Parent .Do(new RenderPageBodyCss()); // No garbage is rendered when having no styles Assert.IsTrue(string.IsNullOrEmpty(result.ResponseText.ToString())); }
public void RenderPageBodyCssJsHtml_WhenOneTagTemplate_ThenDivIsRenderedInHtmlCssJavascript() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' /></r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new RenderPageBodyCssJsHtml()); var responseText = result.ResponseText.ToString(); // Structural elements Assert.IsTrue(responseText.Contains("<div id='a'></div>")); // Javascript Libraries Assert.IsTrue(responseText.Contains(RenderPageJavascript.jQueryUri)); Assert.IsTrue(responseText.Contains(RenderPageJavascript.xTagUri)); // No style Assert.IsFalse(responseText.Contains("<style")); }
public void Databind_WhenBoundToXml_ThenChildNodesHaveTheCorrectText() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' datasource='/r/a'><span>#{this.Text()}</span></template></r>"); var dataDoc = new XmlDocument(); dataDoc.LoadXml("<r> <a>1</a> <a>2</a> <a>3</a> </r>"); var result = new xContext().Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .Do(new Databind(dataDoc)); Assert.AreEqual(result.xTag.Children.Count, 3); Assert.AreEqual(result.xTag.Children[0].Children[0].Text, "1"); Assert.AreEqual(result.xTag.Children[1].Children[0].Text, "2"); Assert.AreEqual(result.xTag.Children[2].Children[0].Text, "3"); }
public void CheckIfRestRequest_FormGet_WhenAjaxCSRFTokenInvalid_ThenServerGetIsNotRequestedAndJustRenderResponse() { var doc = new XmlDocument(); doc.LoadXml("<r><template id='a' mode='Server' /></r>"); var validToken = "valid-token"; var httpContextInfo = new HttpContextInfo(); httpContextInfo.QueryString.Add("xtags-http-method", "GET"); httpContextInfo.QueryString.Add("xtags-id", "a"); httpContextInfo.QueryString.Add("xtags-token", validToken); httpContextInfo.Session("a", "invalid-token"); var isMethodCalled = false; var result = new xContext(httpContextInfo) .Do(new LoadLibrary(doc)) .Do(new CreateTag("template")) .DoFirst(x => x != null, new CheckIfRestRequest(onGet: (tag, isAjax) => { isMethodCalled = true; }), new RenderHtml()); var responseText = result.ResponseText.ToString(); Assert.AreEqual(responseText, "<div id='a'></div>"); Assert.AreEqual(result.ContentType, "text/html"); Assert.IsFalse(isMethodCalled); }