public async Task Cors_HttpContext_PolicyNotFound()
{
var cpp = new SnCorsPolicyProvider(null);
var hc = new DefaultHttpContext();
// no origin header
Assert.IsNull(await cpp.GetPolicyAsync(hc, "sensenet"));
// no policy name
hc = new DefaultHttpContext();
hc.Request.Headers.Add("Origin", "abc");
Assert.IsNull(await cpp.GetPolicyAsync(hc, null));
// unknown policy name
Assert.IsNull(await cpp.GetPolicyAsync(hc, "other"));
}
public async Task Cors_HttpContext_PolicyFound()
{
await Test(async() =>
{
// default settings support localhost and sensenet.com
var p = await AssertOriginPrivate("localhost", true);
Assert.IsTrue(p.SupportsCredentials);
p = await AssertOriginPrivate("localhost:123", true);
Assert.IsTrue(p.SupportsCredentials);
p = await AssertOriginPrivate("example.sensenet.com", true);
Assert.IsTrue(p.SupportsCredentials);
await AssertOriginPrivate("sensenet.com", false);
await AssertOriginPrivate("example.com", false);
});
async Task <CorsPolicy> AssertOriginPrivate(string origin, bool expected)
{
var cpp = new SnCorsPolicyProvider(null);
var context = new DefaultHttpContext();
context.Request.Headers["Origin"] = origin;
var p = await cpp.GetPolicyAsync(context, SnCorsPolicyProvider.DefaultSenseNetCorsPolicyName);
Assert.AreEqual(expected, p.Origins.Contains(origin));
return(p);
}
}
public async Task Cors_HttpContext_PolicyFound()
{
await Test(async() =>
{
// set allowed domains for test
var setting = await Node.LoadAsync <Settings>(
RepositoryPath.Combine(Repository.SettingsFolderPath, "Portal.settings"), CancellationToken.None);
var currentSettingText = RepositoryTools.GetStreamString(setting.Binary.GetStream());
var newSettingText = EditJson(currentSettingText, @"
{
""AllowedOriginDomains"": [
""localhost:*"",
""*.sensenet.com""
]
}
");
setting.Binary.SetStream(RepositoryTools.GetStreamFromString(newSettingText));
setting.Save(SavingMode.KeepVersion);
// default settings support localhost and sensenet.com
var p = await AssertOriginPrivate("localhost", true);
Assert.IsTrue(p.SupportsCredentials);
p = await AssertOriginPrivate("localhost:123", true);
Assert.IsTrue(p.SupportsCredentials);
p = await AssertOriginPrivate("example.sensenet.com", true);
Assert.IsTrue(p.SupportsCredentials);
await AssertOriginPrivate("sensenet.com", false);
await AssertOriginPrivate("example.com", false);
});
async Task <CorsPolicy> AssertOriginPrivate(string origin, bool expected)
{
var cpp = new SnCorsPolicyProvider(null);
var context = new DefaultHttpContext();
context.Request.Headers["Origin"] = origin;
var p = await cpp.GetPolicyAsync(context, SnCorsPolicyProvider.DefaultSenseNetCorsPolicyName);
Assert.AreEqual(expected, p.Origins.Contains(origin));
return(p);
}
}
