public virtual void TestPatternMatchingOrigins() { // Setup the configuration settings of the server IDictionary <string, string> conf = new Dictionary <string, string>(); conf[CrossOriginFilter.AllowedOrigins] = "*.example.com"; FilterConfig filterConfig = new TestCrossOriginFilter.FilterConfigTest(conf); // Object under test CrossOriginFilter filter = new CrossOriginFilter(); filter.Init(filterConfig); // match multiple sub-domains NUnit.Framework.Assert.IsFalse(filter.AreOriginsAllowed("example.com")); NUnit.Framework.Assert.IsFalse(filter.AreOriginsAllowed("foo:example.com")); Assert.True(filter.AreOriginsAllowed("foo.example.com")); Assert.True(filter.AreOriginsAllowed("foo.bar.example.com")); // First origin is allowed Assert.True(filter.AreOriginsAllowed("foo.example.com foo.nomatch.com" )); // Second origin is allowed Assert.True(filter.AreOriginsAllowed("foo.nomatch.com foo.example.com" )); // No origin in list is allowed NUnit.Framework.Assert.IsFalse(filter.AreOriginsAllowed("foo.nomatch1.com foo.nomatch2.com" )); }
public virtual void TestAllowAllOrigins() { // Setup the configuration settings of the server IDictionary <string, string> conf = new Dictionary <string, string>(); conf[CrossOriginFilter.AllowedOrigins] = "*"; FilterConfig filterConfig = new TestCrossOriginFilter.FilterConfigTest(conf); // Object under test CrossOriginFilter filter = new CrossOriginFilter(); filter.Init(filterConfig); Assert.True(filter.AreOriginsAllowed("example.com")); }
public virtual void TestCrossOriginFilterAfterRestart() { // Setup the configuration settings of the server IDictionary <string, string> conf = new Dictionary <string, string>(); conf[CrossOriginFilter.AllowedOrigins] = "example.com"; conf[CrossOriginFilter.AllowedHeaders] = "X-Requested-With,Accept"; conf[CrossOriginFilter.AllowedMethods] = "GET,POST"; FilterConfig filterConfig = new TestCrossOriginFilter.FilterConfigTest(conf); // Object under test CrossOriginFilter filter = new CrossOriginFilter(); filter.Init(filterConfig); //verify filter values Assert.True("Allowed headers do not match", string.CompareOrdinal (filter.GetAllowedHeadersHeader(), "X-Requested-With,Accept") == 0); Assert.True("Allowed methods do not match", string.CompareOrdinal (filter.GetAllowedMethodsHeader(), "GET,POST") == 0); Assert.True(filter.AreOriginsAllowed("example.com")); //destroy filter values and clear conf filter.Destroy(); conf.Clear(); // Setup the configuration settings of the server conf[CrossOriginFilter.AllowedOrigins] = "newexample.com"; conf[CrossOriginFilter.AllowedHeaders] = "Content-Type,Origin"; conf[CrossOriginFilter.AllowedMethods] = "GET,HEAD"; filterConfig = new TestCrossOriginFilter.FilterConfigTest(conf); //initialize filter filter.Init(filterConfig); //verify filter values Assert.True("Allowed headers do not match", string.CompareOrdinal (filter.GetAllowedHeadersHeader(), "Content-Type,Origin") == 0); Assert.True("Allowed methods do not match", string.CompareOrdinal (filter.GetAllowedMethodsHeader(), "GET,HEAD") == 0); Assert.True(filter.AreOriginsAllowed("newexample.com")); //destroy filter values filter.Destroy(); }