public void EncodeUri_RelativePlainUri_ReturnsPlainUri() { const string expectedUri = "/CspReport"; var result = CspUriSource.EncodeUri(new Uri(expectedUri, UriKind.Relative)); Assert.Equal(expectedUri, result); }
public void EncodeUri_AbsolutePlainUri_ReturnsPlainUri() { const string expectedUri = "https://report.nwebsec.com/CspReport"; var result = CspUriSource.EncodeUri(new Uri(expectedUri, UriKind.Absolute)); Assert.Equal(expectedUri, result); }
public void EncodeUri_RelativeUriNeedsEncoding_ReturnsEncodedUri() { const string originalUri = "/CspReport,;"; const string expectedUri = "/CspReport%2C%3B"; var result = CspUriSource.EncodeUri(new Uri(originalUri, UriKind.Relative)); Assert.Equal(expectedUri, result); }
public void EncodeUri_AbsoluteUriNeedsEncoding_ReturnsEncodedUri() { const string originalUri = "https://üüüüüü.de/CspReport,;/andré?a=b"; const string expectedUri = "https://xn--tdaaaaaa.de/CspReport%2C%3B/andr%C3%A9?a=b"; var result = CspUriSource.EncodeUri(new Uri(originalUri, UriKind.Absolute)); Assert.Equal(expectedUri, result); }
public void EncodeUri_RelativeUriWithNoneAsciiChars_ReturnsEncodedUri() { const string originalUri = "/CspReport/André?a=b"; const string expectedUri = "/CspReport/Andr%C3%A9?a=b"; var result = CspUriSource.EncodeUri(new Uri(originalUri, UriKind.Relative)); Assert.Equal(expectedUri, result); }
public override void Validate(object value) { var source = (string)value; if (String.IsNullOrEmpty(source)) { return; } try { CspUriSource.Parse(source); } catch (Exception e) { throw new ConfigurationErrorsException("Invalid source " + source + ". Details: " + e.Message, e); } }
/// <summary> /// Sets custom sources for the CSP directive. /// </summary> /// <typeparam name="T">The type of the CSP directive configuration object.</typeparam> /// <param name="directive">The CSP directive configuration object.</param> /// <param name="sources">One or more custom sources.</param> /// <returns>The CSP directive configuration object.</returns> public static T CustomSources<T>(this T directive, params string[] sources) where T : class, ICspDirectiveBasicConfiguration { if (directive == null) throw new ArgumentNullException(nameof(directive)); if (sources.Length == 0) throw new ArgumentException("You must supply at least one source.", nameof(sources)); try { var type = typeof(T); var enableHashes = type == typeof(ICspDirectiveConfiguration) || type == typeof(ICspDirectiveUnsafeInlineConfiguration); directive.CustomSources = sources .Select(s => (enableHashes ? CspHashSource.Parse(s) : null) ?? CspUriSource.Parse(s).ToString()) .ToArray(); } catch (InvalidCspSourceException e) { throw new ArgumentException("Invalid source. Details: " + e.Message, nameof(sources), e); } return directive; }
public void Uris(params string[] reportUris) { if (reportUris.Length == 0) { throw new ArgumentException("You must supply at least one report URI.", "reportUris"); } var reportUriList = new List <string>(); foreach (var reportUri in reportUris) { Uri uri; if (!Uri.TryCreate(reportUri, UriKind.RelativeOrAbsolute, out uri)) { throw new ArgumentException("Could not parse reportUri: " + reportUri); } reportUriList.Add(CspUriSource.EncodeUri(uri)); } ReportUris = reportUriList.ToArray(); }
/// <summary> /// Sets custom sources for the CSP directive. /// </summary> /// <typeparam name="T">The type of the CSP directive configuration object.</typeparam> /// <param name="directive">The CSP directive configuration object.</param> /// <param name="sources">One or more custom sources.</param> /// <returns>The CSP directive configuration object.</returns> public static T CustomSources <T>(this T directive, params string[] sources) where T : class, ICspDirectiveBasicConfiguration { if (directive == null) { throw new ArgumentNullException(nameof(directive)); } if (sources.Length == 0) { throw new ArgumentException("You must supply at least one source.", nameof(sources)); } try { directive.CustomSources = sources.Select(s => CspUriSource.Parse(s).ToString()).ToArray(); } catch (InvalidCspSourceException e) { throw new ArgumentException("Invalid source. Details: " + e.Message, nameof(sources), e); } return(directive); }
public void Parse_WildcardTld_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("www.nwebsec.*")); }
public void Parse_MissingScheme_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("//www.nwebsec.*")); }
public void Parse_InvalidSchemeHost_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("0https://www.nwebsec.com")); }
public void Parse_InvalidScheme_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("0https:")); }
public void Parse_WildcardIdnHostWildcardPortAndPath_ReturnsResult() { var result = CspUriSource.Parse("*.üüüüüü.com:*/some/path"); Assert.Equal("*.xn--tdaaaaaa.com:*/some/path", result.ToString()); }
public void Parse_HostPortAndPath_ReturnsResult() { var result = CspUriSource.Parse("www.nwebsec.com:8000/some/path"); Assert.Equal("www.nwebsec.com:8000/some/path", result.ToString()); }
public void Parse_SchemeAndHostUpperCase_ReturnsLowerCaseResult() { var result = CspUriSource.Parse("HTTPS://www.NWEBSEC.com"); Assert.Equal("https://www.nwebsec.com", result.ToString()); }
public void Parse_SchemeOnly_ReturnsResult(string scheme) { var result = CspUriSource.Parse(scheme); Assert.Equal(scheme, result.ToString()); }
public void Parse_SchemeHostAndInvalidPortNumber_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("https://www.nwebsec.com:65536")); }
public void Parse_IdnHostAndWildCardPort_ReturnsResult() { var result = CspUriSource.Parse("www.üüüüüü.com:*"); Assert.Equal("www.xn--tdaaaaaa.com:*", result.ToString()); }
public void Parse_HostAndWildCardPort_ReturnsResult() { var result = CspUriSource.Parse("www.nwebsec.com:*"); Assert.Equal("www.nwebsec.com:*", result.ToString()); }
public void Parse_IdnHostPortAndPath_ReturnsResult() { var result = CspUriSource.Parse("www.üüüüüü.com:8000/some/path"); Assert.Equal("www.xn--tdaaaaaa.com:8000/some/path", result.ToString()); }
public void Parse_SchemeAndWildcardWithinHostname_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("https://www.*.com")); }
public void Parse_SchemeHostAndDoublePort_ThrowsException() { Assert.Throws <InvalidCspSourceException>(() => CspUriSource.Parse("https://www.nwebsec.com:80:80")); }
public void Parse_Host_ReturnsResult() { var result = CspUriSource.Parse("www.demo-nwebsec.com"); Assert.Equal("www.demo-nwebsec.com", result.ToString()); }
public void Parse_Wildcard_ReturnsResult() { var result = CspUriSource.Parse("*"); Assert.Equal("*", result.ToString()); }
public void Parse_WildcardIdnHost_ReturnsResult() { var result = CspUriSource.Parse("*.üüüüüü.com"); Assert.Equal("*.xn--tdaaaaaa.com", result.ToString()); }
public void Parse_SchemeAndHost_ReturnsResult() { var result = CspUriSource.Parse("https://www.nwebsec.com"); Assert.Equal("https://www.nwebsec.com", result.ToString()); }
public void Parse_WildcardHostAndPort_ReturnsResult() { var result = CspUriSource.Parse("*.nwebsec.com:8000"); Assert.Equal("*.nwebsec.com:8000", result.ToString()); }
public void Parse_SchemeAndIdnHost_ReturnsIdnResult() { var result = CspUriSource.Parse("https://www.üüüüüü.de"); Assert.Equal("https://www.xn--tdaaaaaa.de", result.ToString()); }
public void Parse_WildcardHostWildcardPortAndPath_ReturnsResult() { var result = CspUriSource.Parse("*.nwebsec.com:*/some/path"); Assert.Equal("*.nwebsec.com:*/some/path", result.ToString()); }