C# (CSharp) NWebsec.Helpers CspUpgradeInsecureRequestHelper示例

示例#1

文件： CspUpgradeInsecureRequestHelperTests.cs 项目： modulexcite/NWebsec

        public void UaSupportsUpgradeInsecureRequests_UpgradeHeaderNotOk_ReturnsFalse()
        {
            SetRequestUpgradeHeader("yolo");

            var helper = new CspUpgradeInsecureRequestHelper();

            Assert.IsFalse(helper.UaSupportsUpgradeInsecureRequests(_request.Object));
        }

示例#2

文件： ConfigurationHeaderSetter.cs 项目： wc1432/NWebsec

 public ConfigurationHeaderSetter()
 {
     _headerGenerator         = new HeaderGenerator();
     _headerResultHandler     = new HeaderResultHandler();
     _handlerHelper           = new HandlerTypeHelper();
     _cspUpgradeRequestHelper = new CspUpgradeInsecureRequestHelper();
     _reportHelper            = new CspReportHelper();
 }

示例#3

文件： ConfigurationHeaderSetter.cs 项目： modulexcite/NWebsec

 public ConfigurationHeaderSetter()
 {
     _headerGenerator = new HeaderGenerator();
     _headerResultHandler = new HeaderResultHandler();
     _handlerHelper = new HandlerTypeHelper();
     _cspUpgradeRequestHelper = new CspUpgradeInsecureRequestHelper();
     _reportHelper = new CspReportHelper();
 }

示例#4

文件： HttpHeaderSecurityModule.cs 项目： modulexcite/NWebsec

 public HttpHeaderSecurityModule()
 {
     _cspUpgradeRequestHelper = new CspUpgradeInsecureRequestHelper();
     _cspReportHelper = new CspReportHelper();
     _configHeaderSetter = new ConfigurationHeaderSetter();
     _handlerTypeHelper = new HandlerTypeHelper();
     _redirectValidationHelper = new RedirectValidationHelper();
 }

示例#5

文件： CspUpgradeInsecureRequestHelperTests.cs 项目： modulexcite/NWebsec

        public void TryUpgradeInsecureRequest_UpgradeEnabledAndUpgradableRequest_RedirectsAndReturnsTrue()
        {
            _response.Setup(r => r.AppendHeader(It.IsAny<string>(), It.IsAny<string>()));
            _response.Setup(r => r.Redirect(It.IsAny<string>(), false));
            _response.Setup(r => r.End());
            SetRequestUri("http://www.nwebsec.com");
            SetSecureConnection(false);
            var cspConfig = new CspConfiguration
            {
                Enabled = true,
                UpgradeInsecureRequestsDirective = { Enabled = true }
            };
            var helper = new CspUpgradeInsecureRequestHelper(cspConfig);

            Assert.IsTrue(helper.TryUpgradeInsecureRequest(_context.Object));

            _response.Verify(r => r.AppendHeader("Vary", "Upgrade-Insecure-Requests"), Times.Once);
            _response.Verify(r => r.Redirect("https://www.nwebsec.com/", false), Times.Once);
            _response.Verify(r => r.End(), Times.Once);
            Assert.AreEqual(307, _response.Object.StatusCode);
        }

示例#6

文件： CspUpgradeInsecureRequestHelperTests.cs 项目： modulexcite/NWebsec

        public void UaSupportsUpgradeInsecureRequests_NotSupported_ReturnsFalse()
        {
            var helper = new CspUpgradeInsecureRequestHelper();

            Assert.IsFalse(helper.UaSupportsUpgradeInsecureRequests(_request.Object));
        }

示例#7

文件： CspUpgradeInsecureRequestHelperTests.cs 项目： modulexcite/NWebsec

        public void TryUpgradeInsecureRequest_CspDisabledAndHttpRequest_ReturnsFalse()
        {
            SetSecureConnection(false);
            var cspConfig = new CspConfiguration
            {
                Enabled = false,
                UpgradeInsecureRequestsDirective = { Enabled = true }
            };
            var helper = new CspUpgradeInsecureRequestHelper(cspConfig);

            Assert.IsFalse(helper.TryUpgradeInsecureRequest(_context.Object));
            Assert.AreEqual(200, _response.Object.StatusCode);
        }