Пример #1
0
 internal bool TryGetCspReportFromRequest(HttpRequestBase request, out CspViolationReport violationReport)
 {
     violationReport = null;
     var serializer = new DataContractJsonSerializer(typeof(CspViolationReport));
     try
     {
         violationReport = (CspViolationReport) serializer.ReadObject(request.InputStream);
         violationReport.UserAgent = request.UserAgent;
         return true;
     }
     catch (Exception)
     {
         return false;
     }
 }
Пример #2
0
        internal bool TryGetCspReportFromRequest(HttpRequestBase request, out CspViolationReport violationReport)
        {
            violationReport = null;
            var serializer = new DataContractJsonSerializer(typeof(CspViolationReport));

            try
            {
                violationReport           = (CspViolationReport)serializer.ReadObject(request.InputStream);
                violationReport.UserAgent = request.UserAgent;
                return(true);
            }
            catch (Exception)
            {
                return(false);
            }
        }
 private static string GetCspViolationReportString(CspViolationReport cspViolationReport)
 {
     cspViolationReport.ToString();
     return string.Format(
         "Content Security Policy (CSP) was violated. Either adjust your policy to allow the use of the specified resource or stop using the resource.\r\nUserAgent:<{0}>\r\nBlockedUri:<{1}>\r\nColumnNumber:<{2}>\r\nDocumentUri:<{3}>\r\nEffectiveDirective:<{4}>\r\nLineNumber:<{5}>\r\nOriginalPolicy:<{6}>\r\nReferrer:<{7}>\r\nScriptSample:<{8}>\r\nSourceFile:<{9}>\r\nStatusCode:<{10}>\r\nViolatedDirective:<{11}>",
         cspViolationReport.UserAgent,
         cspViolationReport.Details.BlockedUri,
         cspViolationReport.Details.ColumnNumber,
         cspViolationReport.Details.DocumentUri,
         cspViolationReport.Details.EffectiveDirective,
         cspViolationReport.Details.LineNumber,
         cspViolationReport.Details.OriginalPolicy,
         cspViolationReport.Details.Referrer,
         cspViolationReport.Details.ScriptSample,
         cspViolationReport.Details.SourceFile,
         cspViolationReport.Details.StatusCode,
         cspViolationReport.Details.ViolatedDirective);
 }
        public void ToString_ReturnsFormattedString()
        {
            var reportDetails = new CspReportDetails
            {
                BlockedUri = "blockeduri",
                ColumnNumber = "columnnumber",
                DocumentUri = "documenturi",
                EffectiveDirective = "effectivedirective",
                LineNumber = "linenumber",
                OriginalPolicy = "originalpolicy",
                Referrer = "referrer",
                ScriptSample = "scriptsample",
                SourceFile = "sourcefile",
                StatusCode = "statuscode",
                ViolatedDirective = "violateddirective"
            };

            var violationReport = new CspViolationReport
            {
                Details = reportDetails,
                UserAgent = "useragent"
            };

            const string expectedResult =
@"DocumentUri=""documenturi""
EffectiveDirective=""effectivedirective""
ViolatedDirective=""violateddirective""
OriginalPolicy=""originalpolicy""
BlockedUri=""blockeduri""
UserAgent=""useragent""
Referrer=""referrer""
StatusCode=""statuscode""
SourceFile=""sourcefile""
LineNumber=""linenumber""
ColumnNumber=""columnnumber""
ScriptSample=""scriptsample""";

            var result = violationReport.ToString();

            Assert.AreEqual(expectedResult, result);
        }
 public CspViolationException(CspViolationReport cspViolationReport, Exception inner)
     : this(GetCspViolationReportString(cspViolationReport), inner)
 {
 }
 public CspViolationException(CspViolationReport cspViolationReport)
     : this(GetCspViolationReportString(cspViolationReport))
 {
 }