internal bool TryGetCspReportFromRequest(HttpRequestBase request, out CspViolationReport violationReport)
{
violationReport = null;
var serializer = new DataContractJsonSerializer(typeof(CspViolationReport));
try
{
violationReport = (CspViolationReport) serializer.ReadObject(request.InputStream);
violationReport.UserAgent = request.UserAgent;
return true;
}
catch (Exception)
{
return false;
}
}
internal bool TryGetCspReportFromRequest(HttpRequestBase request, out CspViolationReport violationReport)
{
violationReport = null;
var serializer = new DataContractJsonSerializer(typeof(CspViolationReport));
try
{
violationReport = (CspViolationReport)serializer.ReadObject(request.InputStream);
violationReport.UserAgent = request.UserAgent;
return(true);
}
catch (Exception)
{
return(false);
}
}
private static string GetCspViolationReportString(CspViolationReport cspViolationReport)
{
cspViolationReport.ToString();
return string.Format(
"Content Security Policy (CSP) was violated. Either adjust your policy to allow the use of the specified resource or stop using the resource.\r\nUserAgent:<{0}>\r\nBlockedUri:<{1}>\r\nColumnNumber:<{2}>\r\nDocumentUri:<{3}>\r\nEffectiveDirective:<{4}>\r\nLineNumber:<{5}>\r\nOriginalPolicy:<{6}>\r\nReferrer:<{7}>\r\nScriptSample:<{8}>\r\nSourceFile:<{9}>\r\nStatusCode:<{10}>\r\nViolatedDirective:<{11}>",
cspViolationReport.UserAgent,
cspViolationReport.Details.BlockedUri,
cspViolationReport.Details.ColumnNumber,
cspViolationReport.Details.DocumentUri,
cspViolationReport.Details.EffectiveDirective,
cspViolationReport.Details.LineNumber,
cspViolationReport.Details.OriginalPolicy,
cspViolationReport.Details.Referrer,
cspViolationReport.Details.ScriptSample,
cspViolationReport.Details.SourceFile,
cspViolationReport.Details.StatusCode,
cspViolationReport.Details.ViolatedDirective);
}
public void ToString_ReturnsFormattedString()
{
var reportDetails = new CspReportDetails
{
BlockedUri = "blockeduri",
ColumnNumber = "columnnumber",
DocumentUri = "documenturi",
EffectiveDirective = "effectivedirective",
LineNumber = "linenumber",
OriginalPolicy = "originalpolicy",
Referrer = "referrer",
ScriptSample = "scriptsample",
SourceFile = "sourcefile",
StatusCode = "statuscode",
ViolatedDirective = "violateddirective"
};
var violationReport = new CspViolationReport
{
Details = reportDetails,
UserAgent = "useragent"
};
const string expectedResult =
@"DocumentUri=""documenturi""
EffectiveDirective=""effectivedirective""
ViolatedDirective=""violateddirective""
OriginalPolicy=""originalpolicy""
BlockedUri=""blockeduri""
UserAgent=""useragent""
Referrer=""referrer""
StatusCode=""statuscode""
SourceFile=""sourcefile""
LineNumber=""linenumber""
ColumnNumber=""columnnumber""
ScriptSample=""scriptsample""";
var result = violationReport.ToString();
Assert.AreEqual(expectedResult, result);
}
public CspViolationException(CspViolationReport cspViolationReport, Exception inner)
: this(GetCspViolationReportString(cspViolationReport), inner)
{
}
public CspViolationException(CspViolationReport cspViolationReport)
: this(GetCspViolationReportString(cspViolationReport))
{
}
