public void IsAllowedIeOrEdgeAuthorizationRedirect() { Assert.IsTrue( EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect( new System.Uri("https://login.microsoft.com/v2.0/authorize/some_page"))); Assert.IsTrue( EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect( new System.Uri("javascript://bing.com/script.js"))); Assert.IsTrue( EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect( new System.Uri("res://404.html"))); Assert.IsTrue( EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect( new System.Uri("about:blank"))); Assert.IsFalse( EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect( new System.Uri("about:blank.com"))); Assert.IsFalse( EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect( new System.Uri("http://microsoft.com"))); }
private bool CheckForClosingUrl(Uri url, byte[] postData = null) { bool readyToClose = false; if (url.Authority.Equals(_desiredCallbackUri.Authority, StringComparison.OrdinalIgnoreCase) && url.AbsolutePath.Equals(_desiredCallbackUri.AbsolutePath)) { RequestContext.Logger.Info("[Legacy WebView] Redirect URI was reached. Stopping WebView navigation..."); Result = AuthorizationResult.FromPostData(postData); readyToClose = true; } if (!readyToClose && !EmbeddedUiCommon.IsAllowedIeOrEdgeAuthorizationRedirect(url)) // IE error pages { RequestContext.Logger.Error(string.Format(CultureInfo.InvariantCulture, "[Legacy WebView] Redirection to non-HTTPS uri: {0} - WebView1 will fail...", url)); Result = AuthorizationResult.FromStatus( AuthorizationStatus.ErrorHttp, MsalError.NonHttpsRedirectNotSupported, MsalErrorMessage.NonHttpsRedirectNotSupported); readyToClose = true; } if (readyToClose) { StopWebBrowser(); // in this handler object could be already disposed, so it should be the last method OnClosingUrl(); } return(readyToClose); }