void AppBeginRequest(object sender, EventArgs e) { var app = (HttpApplication)sender; var context = new HttpContextWrapper(app.Context); if (_cspUpgradeRequestHelper.UaSupportsUpgradeInsecureRequests(context.Request) && _cspUpgradeRequestHelper.TryUpgradeInsecureRequest(context)) { return; } _configHeaderSetter.SetSitewideHeadersFromConfig(context); if (!_cspReportHelper.IsRequestForBuiltInCspReportHandler(context.Request)) { return; } CspViolationReport cspReport; if (_cspReportHelper.TryGetCspReportFromRequest(context.Request, out cspReport)) { var eventArgs = new CspViolationReportEventArgs { ViolationReport = cspReport }; OnCspViolationReport(eventArgs); context.Response.StatusCode = 204; app.CompleteRequest(); } else { context.Response.StatusCode = 400; app.CompleteRequest(); } }
public void UaSupportsUpgradeInsecureRequests_UpgradeHeaderNotOk_ReturnsFalse() { SetRequestUpgradeHeader("yolo"); var helper = new CspUpgradeInsecureRequestHelper(); Assert.IsFalse(helper.UaSupportsUpgradeInsecureRequests(_request.Object)); }
public void UaSupportsUpgradeInsecureRequests_UpgradeHeaderOk_ReturnsTrue() { SetRequestUpgradeHeader(); var helper = new CspUpgradeInsecureRequestHelper(); Assert.True(helper.UaSupportsUpgradeInsecureRequests(_request.Object)); }
public void UaSupportsUpgradeInsecureRequests_NotSupported_ReturnsFalse() { var helper = new CspUpgradeInsecureRequestHelper(); Assert.IsFalse(helper.UaSupportsUpgradeInsecureRequests(_request.Object)); }