2 // HttpRequestCas.cs - CAS unit tests for System.Web.HttpRequest
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2005 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using NUnit.Framework;
33 using System.Reflection;
34 using System.Security;
35 using System.Security.Permissions;
38 namespace MonoCasTests.System.Web {
42 public class HttpRequestCas : AspNetHostingMinimal {
44 private HttpRequest request;
45 private string tempfile;
48 public void FixtureSetUp ()
50 request = new HttpRequest (String.Empty, "http://localhost/", String.Empty);
51 tempfile = Path.GetTempFileName ();
55 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
56 public void Properties_Deny_Unrestricted ()
58 Assert.IsNull (request.AcceptTypes, "AcceptTypes");
59 Assert.IsNull (request.ApplicationPath, "ApplicationPath");
60 request.Browser = null;
62 Assert.IsNotNull (request.Browser, "Browser");
64 catch (NullReferenceException) {
68 request.ContentEncoding = null;
70 Assert.IsNull (request.ContentEncoding, "ContentEncoding");
72 catch (NullReferenceException) {
75 catch (HttpException) {
79 Assert.AreEqual (0, request.ContentLength, "ContentLength");
80 Assert.AreEqual (String.Empty, request.ContentType, "ContentType");
81 request.ContentType = null;
82 Assert.IsNotNull (request.Cookies, "Cookies");
85 Assert.AreEqual ("/", request.CurrentExecutionFilePath, "CurrentExecutionFilePath");
87 catch (NullReferenceException) {
92 Assert.AreEqual ("/", request.FilePath, "FilePath");
94 catch (NullReferenceException) {
98 Assert.IsNotNull (request.Files, "Files");
100 Assert.IsNotNull (request.Filter, "Filter");
101 request.Filter = null;
103 Assert.IsNotNull (request.Form, "Form");
104 Assert.IsNotNull (request.Headers, "Headers");
105 Assert.AreEqual ("GET", request.HttpMethod, "HttpMethod");
106 Assert.IsNotNull (request.InputStream, "InputStream");
107 Assert.IsFalse (request.IsSecureConnection, "IsSecureConnection");
108 Assert.IsNotNull (request.Path, "Path");
111 Assert.IsNotNull (request.PathInfo, "PathInfo");
113 catch (NullReferenceException) {
117 Assert.IsNotNull (request.QueryString, "QueryString");
118 Assert.IsNotNull (request.RawUrl, "RawUrl");
119 Assert.AreEqual ("GET", request.RequestType, "RequestType");
120 request.RequestType = null;
121 Assert.AreEqual (0, request.TotalBytes, "TotalBytes");
122 Assert.IsNotNull (request.Url, "Url");
123 Assert.IsNull (request.UrlReferrer, "UrlReferrer");
124 Assert.IsNull (request.UserAgent, "UserAgent");
125 Assert.IsNull (request.UserHostAddress, "UserHostAddress");
126 Assert.IsNull (request.UserHostName, "UserHostName");
127 Assert.IsNull (request.UserLanguages, "UserLanguages");
128 Assert.IsFalse (request.IsLocal, "IsLocal");
132 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
133 [ExpectedException (typeof (SecurityException))]
134 public void ClientCertificate_Deny_Low ()
136 Assert.IsNotNull (request.ClientCertificate, "ClientCertificate");
140 [AspNetHostingPermission (SecurityAction.PermitOnly, Level = AspNetHostingPermissionLevel.Low)]
141 [ExpectedException (typeof (NullReferenceException))]
142 public void ClientCertificate_PermitOnly_Low ()
144 Assert.IsNotNull (request.ClientCertificate, "ClientCertificate");
148 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
149 [ExpectedException (typeof (NullReferenceException))]
150 public void IsAuthenticated_Deny_Unrestricted ()
152 Assert.IsNull (request.IsAuthenticated, "IsAuthenticated");
156 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
157 [ExpectedException (typeof (SecurityException))]
158 public void Params_Deny_Low ()
160 Assert.IsNotNull (request.Params, "Params");
164 [AspNetHostingPermission (SecurityAction.PermitOnly, Level = AspNetHostingPermissionLevel.Low)]
165 public void Params_PermitOnly_Low ()
167 Assert.IsNotNull (request.Params, "Params");
171 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
172 [ExpectedException (typeof (SecurityException))]
173 public void ServerVariables_Deny_Low ()
175 Assert.IsNotNull (request.ServerVariables, "ServerVariables");
179 [AspNetHostingPermission (SecurityAction.PermitOnly, Level = AspNetHostingPermissionLevel.Low)]
180 public void ServerVariables_PermitOnly_Low ()
182 Assert.IsNotNull (request.ServerVariables, "ServerVariables");
183 Assert.IsNull (request["mono"], "this[string]");
187 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
188 [ExpectedException (typeof (SecurityException))]
189 public void This_Deny_Low ()
191 Assert.IsNull (request["mono"], "this[string]");
195 [FileIOPermission (SecurityAction.Deny, Unrestricted = true)]
196 // default path is null [ExpectedException (typeof (SecurityException))]
197 public void PhysicalApplicationPath_Deny_FileIOPermission ()
200 Assert.IsNull (request.PhysicalApplicationPath, "PhysicalApplicationPath");
202 catch (ArgumentNullException) {
205 catch (TypeInitializationException) {
211 [FileIOPermission (SecurityAction.PermitOnly, Unrestricted = true)]
212 // default path is null and mess up the security check
213 public void PhysicalApplicationPath_PermitOnly_FileIOPermission ()
216 Assert.IsNull (request.PhysicalApplicationPath, "PhysicalApplicationPath");
218 catch (ArgumentNullException) {
221 catch (TypeInitializationException) {
227 [FileIOPermission (SecurityAction.Deny, Unrestricted = true)]
228 //[ExpectedException (typeof (ArgumentException))]
229 public void PhysicalPath_Deny_FileIOPermission ()
231 // strange - must be a special case not to check (and fail) a
232 // FileIOPermission check (strangeest part being that this isn't
233 // done for PhysicalApplicationPath)
234 Assert.AreEqual (String.Empty, request.PhysicalPath, "PhysicalPath");
238 [FileIOPermission (SecurityAction.PermitOnly, Unrestricted = true)]
239 public void PhysicalPath_PermitOnly_FileIOPermission ()
241 Assert.IsNotNull (request.PhysicalPath, "PhysicalPath");
245 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
246 public void Methods_Deny_Unrestricted ()
248 Assert.IsNotNull (request.BinaryRead (0), "BinaryRead");
249 Assert.IsNull (request.MapImageCoordinates ("mono"), "MapImageCoordinates");
252 Assert.IsNull (request.MapPath ("/mono"), "MapPath");
254 catch (NullReferenceException) {
259 request.MapPath ("/mono", "/", true);
261 catch (HttpException) {
264 catch (TypeInitializationException) {
268 request.ValidateInput ();
272 [FileIOPermission (SecurityAction.Deny, Unrestricted = true)]
273 [ExpectedException (typeof (SecurityException))]
274 public void SaveAs_Deny_Write ()
276 request.SaveAs (tempfile, true);
280 [FileIOPermission (SecurityAction.PermitOnly, Unrestricted = true)]
281 public void SaveAs_PermitOnly_Write ()
283 request.SaveAs (tempfile, true);
288 public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
290 ConstructorInfo ci = this.Type.GetConstructor (new Type[3] { typeof (string), typeof (string), typeof (string) });
291 Assert.IsNotNull (ci, ".ctor(string,string,string)");
292 return ci.Invoke (new object[3] { String.Empty, "http://localhost/", String.Empty });
295 public override Type Type {
296 get { return typeof (HttpRequest); }