C# (CSharp) SecurityThreatDiagnostics.ChallengeAttributesAgainstSecurityThreats示例

编程语言: C# (CSharp)

方法/功能: ChallengeAttributesAgainstSecurityThreats

hotexamples.com的示例: 3

C# (CSharp) SecurityThreatDiagnostics.ChallengeAttributesAgainstSecurityThreats - 已找到3个示例。这些是从开源项目中提取的最受好评的SecurityThreatDiagnostics.ChallengeAttributesAgainstSecurityThreats现实C# (CSharp)示例。您可以评价示例，以帮助我们提高示例质量。

常用方法

显示隐藏

ChallengeAgainstSecurityThreats(5)

ChallengeAttributesAgainstSecurityThreats(3)

ChallengeSecurityHeaders(2)

ChallengeCharacterSetEncoding(1)

ChallengeIPAddresses(1)

ChallengeUrlEncoding(1)

示例#1

显示文件

文件： Frends.Community.SecurityThreatDiagnostics.Tests.cs 项目： CommunityHiQ/Frends.Community.SecurityThreatDiagnostics

        public void GivenInvalidAttributesWhenChallengingPayloadAttributesForValidationThenSecurityThreatDiagnosticsMustRaiseExceptionDueToInjectedAttributss()
        {
            string invalidAttribute1 = "<script>function xss() { alert('injection'); } xss();</script>";
            string invalidAttribute2 = "<script>function xss() { alert('injection'); } xss();</script>";

            string[] attributes = { invalidAttribute1, invalidAttribute2 };
            validationAttributes.Attribute = attributes;

            Assert.Throws <ApplicationException>(() => SecurityThreatDiagnostics.ChallengeAttributesAgainstSecurityThreats(validationAttributes, options, CancellationToken.None));
        }

示例#2

显示文件

文件： Frends.Community.SecurityThreatDiagnostics.Tests.cs 项目： CommunityHiQ/Frends.Community.SecurityThreatDiagnostics

        public void GivenAttackVectorWithCharacterEscapedAttributesWhenChallengingPayloadAttributesForValidationThenSecurityThreatDiagnosticsMustRaiseExceptionDueToInvalidException()
        {
            string invalidAttribute1 = "{payload : {Name" + ":" + "PHNjcmlwdD5mdW5jdGlvbiBhdHRhY2sgKCkge2FsZXJ0KCd4c3MnKTt9YXR0YWNrKCk7PC9zY3JpcHQ+";
            string invalidAttribute2 = "Address : test";
            string invalidAttribute3 = "Mobile +358123456789 }}' >> mysqldump --all-databases > dump.sql";
            string parallel          = invalidAttribute1 + invalidAttribute2 + invalidAttribute3;

            string[] attributes = { invalidAttribute1, invalidAttribute2, invalidAttribute3, parallel };
            validationAttributes.Attribute = attributes;
            options.Base64Decode           = true;
            Assert.Throws <ApplicationException>(() => SecurityThreatDiagnostics.ChallengeAttributesAgainstSecurityThreats(validationAttributes, options, CancellationToken.None));
        }

示例#3

显示文件

文件： Frends.Community.SecurityThreatDiagnostics.Tests.cs 项目： CommunityHiQ/Frends.Community.SecurityThreatDiagnostics

        public void GivenAttackVectorWithMultipleAttributesWhenChallengingPayloadAttributesForValidationThenSecurityThreatDiagnosticsMustRaiseExceptionDueToFoundAttackPattern()
        {
            string invalidAttribute1 = "{ payload : {Name" + ":" + "%27 %3E%3E";
            string invalidAttribute2 = "Address" + ":" + "%3Cscript%3E function attack() %7B alert(%27xss%27)%3B %7D";
            string invalidAttribute3 = "Mobile" + ":" + "attack()%3B %3C%2Fscript%3E}}";
            string parallel          = invalidAttribute1 + invalidAttribute2 + invalidAttribute3;

            string[] attributes = { invalidAttribute1, invalidAttribute2, invalidAttribute3, parallel };
            validationAttributes.Attribute = attributes;

            Assert.Throws <ApplicationException>(() => SecurityThreatDiagnostics.ChallengeAttributesAgainstSecurityThreats(validationAttributes, options, CancellationToken.None));
        }