public void SetXXssProtectionHeader_NoOverride_DoesNothing()
{
var contextConfig = new XXssProtectionConfiguration();
_contextHelper.Setup(h => h.GetXXssProtectionConfiguration(It.IsAny <HttpContextBase>())).Returns(contextConfig);
_configurationOverrideHelper.Setup(h => h.GetXXssProtectionWithOverride(It.IsAny <HttpContextBase>())).Returns((XXssProtectionConfiguration)null);
_overrideHelper.SetXXssProtectionHeader(_mockContext);
_headerGenerator.Verify(g => g.CreateXXssProtectionResult(It.IsAny <XXssProtectionConfiguration>(), It.IsAny <XXssProtectionConfiguration>()), Times.Never);
_headerResultHandler.Verify(h => h.HandleHeaderResult(It.IsAny <HttpResponseBase>(), It.IsAny <HeaderResult>()), Times.Never);
}
public override void SetHttpHeadersOnActionExecuted(ActionExecutedContext filterContext)
{
_headerOverrideHelper.SetXXssProtectionHeader(filterContext.HttpContext);
}
