/// <summary>
/// Deny access to any application page without user acknowledgment.
/// </summary>
/// <remarks>
/// The gate only tests whether a cookie named by <c>NoticeAndConsent</c> is present on the
/// request; its value is not inspected here. Cookies are supplied by the client, so this
/// filter is a notice-and-consent prompt and must not be relied on as an authentication
/// or authorization control.
/// </remarks>
/// <param name="filterContext">Authorization context for the current request.</param>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    var httpContext = filterContext.HttpContext;
    var incoming = httpContext.Request;

    // Acknowledgement cookie already present: nothing to enforce.
    if (incoming.Cookies[NoticeAndConsent] != null)
    {
        return;
    }

    // Remember where the user was heading, unless a return URL is already queued on
    // this response.
    // NOTE(review): in System.Web, reading Response.Cookies[name] may create an empty
    // cookie rather than return null, so the null test may never be true; the
    // whitespace test is what effectively decides - confirm.
    var queuedReturn = httpContext.Response.Cookies[ReturnUrl];
    if (queuedReturn == null || string.IsNullOrWhiteSpace(queuedReturn.Value))
    {
        // Only the path and query are stored (no scheme or host). The cookie is still
        // client-controlled once issued, so the code that reads it back should confirm
        // it is a local URL before redirecting - NOTE(review): that consumer is not
        // visible here.
        var target = incoming.Url.PathAndQuery;

        // Secure flag follows the scheme of the current request.
        // NOTE(review): behind a TLS-terminating proxy the scheme seen here may be
        // "http", which would issue the cookie without Secure - confirm deployment.
        var overHttps = incoming.Url.Scheme.Equals("https");

        var returnCookie = HttpCookieFactory.Create(ReturnUrl, target, secure: overHttps);
        httpContext.Response.SetCookie(returnCookie);
    }

    // Redirect to the application home route (ControllerName / ActionName).
    var homeRoute = new RouteValueDictionary(
        new { controller = ControllerName, action = ActionName }
    );
    filterContext.Result = new RedirectToRouteResult(homeRoute);
}
/// <summary>
/// A value passed to <c>HttpCookieFactory.Create</c> is stored on the resulting cookie.
/// </summary>
public void Create_WithValueParameter_CookieSetsValue()
{
    const string expectedValue = "my value";

    _cookie = HttpCookieFactory.Create(COOKIE_KEY, expectedValue);

    CookieKeyExists();
    Assert.Equal(expectedValue, _cookie.Value);
}
/// <summary>
/// When no value is supplied, <c>HttpCookieFactory.Create</c> leaves the cookie value null.
/// </summary>
public void Create_WithoutValueParameter_CookieValueIsNull()
{
    _cookie = HttpCookieFactory.Create(COOKIE_KEY);

    CookieKeyExists();

    var actualValue = _cookie.Value;
    Assert.Null(actualValue);
}
/// <summary>
/// Explicit <c>httpOnly</c> and <c>secure</c> arguments are copied onto the cookie.
/// </summary>
/// <remarks>
/// Both flags are passed as <c>false</c>, so this pins the opt-out path: a caller can
/// deliberately create a cookie without HttpOnly or Secure. Call sites that do so are
/// worth a second look during review.
/// </remarks>
public void Create_WithHttpOnlyAndSecureParameters_SetProperties()
{
    _cookie = HttpCookieFactory.Create(
        COOKIE_KEY,
        httpOnly: false,
        secure: false
    );

    CookieKeyExists();

    var httpOnlyFlag = _cookie.HttpOnly;
    Assert.False(httpOnlyFlag);

    var secureFlag = _cookie.Secure;
    Assert.False(secureFlag);
}
/// <summary>
/// With no flag arguments, the factory produces a cookie that is both HttpOnly and Secure.
/// </summary>
/// <remarks>
/// Acts as a regression guard on the secure-by-default contract: if either default is
/// relaxed, this test fails.
/// </remarks>
public void Create_DefaultHttpOnlyAndSecureParameters_AreHttpOnlyAndSecure()
{
    _cookie = HttpCookieFactory.Create(COOKIE_KEY);

    CookieKeyExists();

    var httpOnlyFlag = _cookie.HttpOnly;
    Assert.True(httpOnlyFlag);

    var secureFlag = _cookie.Secure;
    Assert.True(secureFlag);
}
/// <summary>
/// A whitespace-only cookie name is rejected with an <see cref="ArgumentNullException"/>
/// whose <c>ParamName</c> equals <c>HttpCookieFactory.InvalidCreateParameter</c>.
/// </summary>
public void Create_WithWhiteSpaceNameParameter_Throws()
{
    var thrown = Assert.Throws<ArgumentNullException>(() => HttpCookieFactory.Create(" "));

    // The reported parameter name is part of the factory's contract.
    var reportedParam = thrown.ParamName;
    Assert.Equal(HttpCookieFactory.InvalidCreateParameter, reportedParam);
}