public async Task Invoke_hstsEnabled_AddsResponseHeaderWithCorrectValue() { bool nextInvoked = false; RequestDelegate next = (ctxt) => { nextInvoked = true; ctxt.Response.StatusCode = (int)HttpStatusCode.Accepted; return(Task.CompletedTask); }; var options = new HostHstsOptions() { IsEnabled = true, MaxAge = new TimeSpan(10, 0, 0, 0) }; var hstsOptions = new OptionsWrapper <HostHstsOptions>(options); var middleware = new HstsConfigurationMiddleware(hstsOptions); var httpContext = new DefaultHttpContext(); httpContext.Request.IsHttps = true; await middleware.Invoke(httpContext, next); Assert.True(nextInvoked); Assert.Equal(httpContext.Response.Headers["Strict-Transport-Security"].ToString(), "max-age=864000"); }
public void MissingOrValidHstsConfig_DoesNotThrowException(string hostJsonContent) { File.WriteAllText(_hostJsonFile, hostJsonContent); var configuration = BuildHostJsonConfiguration(); HostHstsOptionsSetup setup = new HostHstsOptionsSetup(configuration); HostHstsOptions options = new HostHstsOptions(); var ex = Record.Exception(() => setup.Configure(options)); Assert.Null(ex); }
public void ValidHstsConfig_BindsToOptions() { string hostJsonContent = @"{ 'version': '2.0', 'http': { 'hsts': { 'isEnabled': true, 'maxAge': '10' } } }"; File.WriteAllText(_hostJsonFile, hostJsonContent); var configuration = BuildHostJsonConfiguration(); HostHstsOptionsSetup setup = new HostHstsOptionsSetup(configuration); HostHstsOptions options = new HostHstsOptions(); setup.Configure(options); Assert.Equal(options.MaxAge, new TimeSpan(10, 0, 0, 0)); }