Exemplo n.º 1
0
        public async Task PermissionsPolicyHeaderShouldBeAdded(string[] permissionsPolicies, string expectedValue)
        {
            // Arrange
            var options = new SecurityHeadersOptions
            {
                PermissionsPolicy = permissionsPolicies
            };
            var middleware = new SecurityHeadersMiddleware(options, Request);
            var context    = new DefaultHttpContext();

            // Act
            await middleware.Invoke(context);

            // Assert
            Assert.True(context.Response.Headers.ContainsKey(SecurityHeaderNames.PermissionsPolicy));
            Assert.Equal(expectedValue, context.Response.Headers[SecurityHeaderNames.PermissionsPolicy]);
        }
Exemplo n.º 2
0
        public async Task ContentTypeOptionsHeaderShouldBeAdded()
        {
            // Arrange
            var options = new SecurityHeadersOptions
            {
                ContentTypeOptions = ContentTypeOptionsValue.NoSniff
            };
            var middleware = new SecurityHeadersMiddleware(options, Request);
            var context    = new DefaultHttpContext();

            // Act
            await middleware.Invoke(context);

            // Assert
            Assert.True(context.Response.Headers.ContainsKey(SecurityHeaderNames.XContentTypeOptions));
            Assert.Equal(ContentTypeOptionsValue.NoSniff, context.Response.Headers[SecurityHeaderNames.XContentTypeOptions]);
        }