Exemplo n.º 1
0
        public void Constructor_WithPolicy_AddsTheGivenPolicy()
        {
            // Arrange
            var originalPolicy = new CorsPolicy();
            originalPolicy.Origins.Add("http://existing.com");
            originalPolicy.Headers.Add("Existing");
            originalPolicy.Methods.Add("GET");
            originalPolicy.ExposedHeaders.Add("ExistingExposed");
            originalPolicy.SupportsCredentials = true;
            originalPolicy.PreflightMaxAge = TimeSpan.FromSeconds(12);

            // Act
            var builder = new CorsPolicyBuilder(originalPolicy);

            // Assert
            var corsPolicy = builder.Build();

            Assert.False(corsPolicy.AllowAnyHeader);
            Assert.False(corsPolicy.AllowAnyMethod);
            Assert.False(corsPolicy.AllowAnyOrigin);
            Assert.True(corsPolicy.SupportsCredentials);
            Assert.NotSame(originalPolicy.Headers, corsPolicy.Headers);
            Assert.Equal(originalPolicy.Headers, corsPolicy.Headers);
            Assert.NotSame(originalPolicy.Methods, corsPolicy.Methods);
            Assert.Equal(originalPolicy.Methods, corsPolicy.Methods);
            Assert.NotSame(originalPolicy.Origins, corsPolicy.Origins);
            Assert.Equal(originalPolicy.Origins, corsPolicy.Origins);
            Assert.NotSame(originalPolicy.ExposedHeaders, corsPolicy.ExposedHeaders);
            Assert.Equal(originalPolicy.ExposedHeaders, corsPolicy.ExposedHeaders);
            Assert.Equal(TimeSpan.FromSeconds(12), corsPolicy.PreflightMaxAge);
        }
Exemplo n.º 2
0
        /// <summary>
        /// Adds a new policy.
        /// </summary>
        /// <param name="name">The name of the policy.</param>
        /// <param name="configurePolicy">A delegate which can use a policy builder to build a policy.</param>
        public void AddPolicy(string name, Action<CorsPolicyBuilder> configurePolicy)
        {
            if (name == null)
            {
                throw new ArgumentNullException(nameof(name));
            }

            if (configurePolicy == null)
            {
                throw new ArgumentNullException(nameof(configurePolicy));
            }

            var policyBuilder = new CorsPolicyBuilder();
            configurePolicy(policyBuilder);
            PolicyMap[name] = policyBuilder.Build();
        }
Exemplo n.º 3
0
        public void Constructor_WithNoOrigin()
        {
            // Arrange & Act
            var builder = new CorsPolicyBuilder();

            // Assert
            var corsPolicy = builder.Build();
            Assert.False(corsPolicy.AllowAnyHeader);
            Assert.False(corsPolicy.AllowAnyMethod);
            Assert.False(corsPolicy.AllowAnyOrigin);
            Assert.False(corsPolicy.SupportsCredentials);
            Assert.Empty(corsPolicy.ExposedHeaders);
            Assert.Empty(corsPolicy.Headers);
            Assert.Empty(corsPolicy.Methods);
            Assert.Empty(corsPolicy.Origins);
            Assert.Null(corsPolicy.PreflightMaxAge);
        }
Exemplo n.º 4
0
        /// <summary>
        /// Adds a CORS middleware to your web application pipeline to allow cross domain requests.
        /// </summary>
        /// <param name="app">The IApplicationBuilder passed to your Configure method.</param>
        /// <param name="configurePolicy">A delegate which can use a policy builder to build a policy.</param>
        /// <returns>The original app parameter</returns>
        public static IApplicationBuilder UseCors(
            this IApplicationBuilder app,
            Action<CorsPolicyBuilder> configurePolicy)
        {
            if (app == null)
            {
                throw new ArgumentNullException(nameof(app));
            }

            if (configurePolicy == null)
            {
                throw new ArgumentNullException(nameof(configurePolicy));
            }

            var policyBuilder = new CorsPolicyBuilder();
            configurePolicy(policyBuilder);
            return app.UseMiddleware<CorsMiddleware>(policyBuilder.Build());
        }
Exemplo n.º 5
0
        public void Constructor_WithParamsOrigin_InitializesOrigin(string origin)
        {
            // Arrange
            var origins = origin.Split(',');

            // Act
            var builder = new CorsPolicyBuilder(origins);

            // Assert
            var corsPolicy = builder.Build();
            Assert.False(corsPolicy.AllowAnyHeader);
            Assert.False(corsPolicy.AllowAnyMethod);
            Assert.False(corsPolicy.AllowAnyOrigin);
            Assert.False(corsPolicy.SupportsCredentials);
            Assert.Empty(corsPolicy.ExposedHeaders);
            Assert.Empty(corsPolicy.Headers);
            Assert.Empty(corsPolicy.Methods);
            Assert.Equal(origins.ToList(), corsPolicy.Origins);
            Assert.Null(corsPolicy.PreflightMaxAge);
        }
Exemplo n.º 6
0
        public void ConstructorWithPolicy_HavingNullPreflightMaxAge_AddsTheGivenPolicy()
        {
            // Arrange
            var originalPolicy = new CorsPolicy();
            originalPolicy.Origins.Add("http://existing.com");

            // Act
            var builder = new CorsPolicyBuilder(originalPolicy);

            // Assert
            var corsPolicy = builder.Build();

            Assert.Null(corsPolicy.PreflightMaxAge);
            Assert.False(corsPolicy.AllowAnyHeader);
            Assert.False(corsPolicy.AllowAnyMethod);
            Assert.False(corsPolicy.AllowAnyOrigin);
            Assert.NotSame(originalPolicy.Origins, corsPolicy.Origins);
            Assert.Equal(originalPolicy.Origins, corsPolicy.Origins);
            Assert.Empty(corsPolicy.Headers);
            Assert.Empty(corsPolicy.Methods);
            Assert.Empty(corsPolicy.ExposedHeaders);
        }
Exemplo n.º 7
0
        public void DisallowCredential_SetsSupportsCredentials_ToFalse()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.DisallowCredentials();

            // Assert
            var corsPolicy = builder.Build();
            Assert.False(corsPolicy.SupportsCredentials);
        }
Exemplo n.º 8
0
        public void SetPreFlightMaxAge_SetsThePreFlightAge()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.SetPreflightMaxAge(TimeSpan.FromSeconds(12));

            // Assert
            var corsPolicy = builder.Build();
            Assert.Equal(TimeSpan.FromSeconds(12), corsPolicy.PreflightMaxAge);
        }
Exemplo n.º 9
0
        public void WithExposedHeaders_AddsExposedHeaders()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.WithExposedHeaders("exposed1", "exposed2");

            // Assert
            var corsPolicy = builder.Build();
            Assert.Equal(new List<string>() { "exposed1", "exposed2" }, corsPolicy.ExposedHeaders);
        }
Exemplo n.º 10
0
        public void AllowAnyHeaders_AllowsAny()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.AllowAnyHeader();

            // Assert
            var corsPolicy = builder.Build();
            Assert.True(corsPolicy.AllowAnyHeader);
            Assert.Equal(new List<string>() { "*" }, corsPolicy.Headers);
        }
Exemplo n.º 11
0
        public void WithHeaders_AddsHeaders()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.WithHeaders("example1", "example2");

            // Assert
            var corsPolicy = builder.Build();
            Assert.False(corsPolicy.AllowAnyHeader);
            Assert.Equal(new List<string>() { "example1", "example2" }, corsPolicy.Headers);
        }
Exemplo n.º 12
0
        public void WithMethods_AddsMethods()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.WithMethods("PUT", "GET");

            // Assert
            var corsPolicy = builder.Build();
            Assert.False(corsPolicy.AllowAnyOrigin);
            Assert.Equal(new List<string>() { "PUT", "GET" }, corsPolicy.Methods);
        }
Exemplo n.º 13
0
        public void WithOrigins_AddsOrigins()
        {
            // Arrange
            var builder = new CorsPolicyBuilder();

            // Act
            builder.WithOrigins("http://example.com", "http://example2.com");

            // Assert
            var corsPolicy = builder.Build();
            Assert.False(corsPolicy.AllowAnyOrigin);
            Assert.Equal(new List<string>() { "http://example.com", "http://example2.com" }, corsPolicy.Origins);
        }
        private void ConfigureCors(IServiceCollection services)
        {
            // For this demo allow everything so we don't have to hastle around
            var corsBuilder = new CorsPolicyBuilder();
            corsBuilder.AllowAnyHeader();
            corsBuilder.AllowAnyMethod();
            corsBuilder.AllowAnyOrigin();
            corsBuilder.AllowCredentials();

            services.AddCors(options =>
            {
                options.AddPolicy(CORS_POLICY_NAME, corsBuilder.Build());
            });
        }