2 // HttpRequestCas.cs - CAS unit tests for System.Web.HttpRequest
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2005 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
29 using NUnit.Framework;
33 using System.Reflection;
34 using System.Security;
35 using System.Security.Permissions;
38 namespace MonoCasTests.System.Web {
42 public class HttpRequestCas : AspNetHostingMinimal {
44 private HttpRequest request;
45 private string tempfile;
48 public void FixtureSetUp ()
50 request = new HttpRequest (String.Empty, "http://localhost/", String.Empty);
51 tempfile = Path.GetTempFileName ();
55 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
56 public void Properties_Deny_Unrestricted ()
58 Assert.IsNull (request.AcceptTypes, "AcceptTypes");
59 Assert.IsNull (request.ApplicationPath, "ApplicationPath");
60 request.Browser = null;
62 Assert.IsNotNull (request.Browser, "Browser");
64 catch (NullReferenceException) {
68 request.ContentEncoding = null;
70 Assert.IsNull (request.ContentEncoding, "ContentEncoding");
72 catch (NullReferenceException) {
75 catch (HttpException) {
79 Assert.AreEqual (0, request.ContentLength, "ContentLength");
80 Assert.AreEqual (String.Empty, request.ContentType, "ContentType");
81 request.ContentType = null;
82 Assert.IsNotNull (request.Cookies, "Cookies");
85 Assert.AreEqual ("/", request.CurrentExecutionFilePath, "CurrentExecutionFilePath");
87 catch (NullReferenceException) {
92 Assert.AreEqual ("/", request.FilePath, "FilePath");
94 catch (NullReferenceException) {
98 Assert.IsNotNull (request.Files, "Files");
100 Assert.IsNotNull (request.Filter, "Filter");
101 request.Filter = null;
103 Assert.IsNotNull (request.Form, "Form");
104 Assert.IsNotNull (request.Headers, "Headers");
105 Assert.AreEqual ("GET", request.HttpMethod, "HttpMethod");
106 Assert.IsNotNull (request.InputStream, "InputStream");
107 Assert.IsFalse (request.IsSecureConnection, "IsSecureConnection");
108 Assert.IsNotNull (request.Path, "Path");
111 Assert.IsNotNull (request.PathInfo, "PathInfo");
113 catch (NullReferenceException) {
117 Assert.IsNotNull (request.QueryString, "QueryString");
118 Assert.IsNotNull (request.RawUrl, "RawUrl");
119 Assert.AreEqual ("GET", request.RequestType, "RequestType");
120 request.RequestType = null;
121 Assert.AreEqual (0, request.TotalBytes, "TotalBytes");
122 Assert.IsNotNull (request.Url, "Url");
123 Assert.IsNull (request.UrlReferrer, "UrlReferrer");
124 Assert.IsNull (request.UserAgent, "UserAgent");
125 Assert.IsNull (request.UserHostAddress, "UserHostAddress");
126 Assert.IsNull (request.UserHostName, "UserHostName");
127 Assert.IsNull (request.UserLanguages, "UserLanguages");
129 Assert.IsFalse (request.IsLocal, "IsLocal");
135 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
136 [ExpectedException (typeof (SecurityException))]
137 public void ClientCertificate_Deny_Low ()
139 Assert.IsNotNull (request.ClientCertificate, "ClientCertificate");
143 [AspNetHostingPermission (SecurityAction.PermitOnly, Level = AspNetHostingPermissionLevel.Low)]
144 [ExpectedException (typeof (NullReferenceException))]
145 public void ClientCertificate_PermitOnly_Low ()
147 Assert.IsNotNull (request.ClientCertificate, "ClientCertificate");
150 // ClientCertificate fails before hitting the SecurityException
154 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
155 [ExpectedException (typeof (NullReferenceException))]
156 public void IsAuthenticated_Deny_Unrestricted ()
158 Assert.IsNull (request.IsAuthenticated, "IsAuthenticated");
162 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
163 [ExpectedException (typeof (SecurityException))]
164 public void Params_Deny_Low ()
166 Assert.IsNotNull (request.Params, "Params");
170 [AspNetHostingPermission (SecurityAction.PermitOnly, Level = AspNetHostingPermissionLevel.Low)]
171 public void Params_PermitOnly_Low ()
173 Assert.IsNotNull (request.Params, "Params");
177 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
178 [ExpectedException (typeof (SecurityException))]
179 public void ServerVariables_Deny_Low ()
181 Assert.IsNotNull (request.ServerVariables, "ServerVariables");
185 [AspNetHostingPermission (SecurityAction.PermitOnly, Level = AspNetHostingPermissionLevel.Low)]
186 public void ServerVariables_PermitOnly_Low ()
188 Assert.IsNotNull (request.ServerVariables, "ServerVariables");
189 Assert.IsNull (request["mono"], "this[string]");
193 [AspNetHostingPermission (SecurityAction.Deny, Level = AspNetHostingPermissionLevel.Low)]
194 [ExpectedException (typeof (SecurityException))]
195 public void This_Deny_Low ()
197 Assert.IsNull (request["mono"], "this[string]");
201 [FileIOPermission (SecurityAction.Deny, Unrestricted = true)]
202 // default path is null [ExpectedException (typeof (SecurityException))]
203 public void PhysicalApplicationPath_Deny_FileIOPermission ()
206 Assert.IsNull (request.PhysicalApplicationPath, "PhysicalApplicationPath");
208 catch (ArgumentNullException) {
211 catch (TypeInitializationException) {
217 [FileIOPermission (SecurityAction.PermitOnly, Unrestricted = true)]
218 // default path is null and mess up the security check
219 public void PhysicalApplicationPath_PermitOnly_FileIOPermission ()
222 Assert.IsNull (request.PhysicalApplicationPath, "PhysicalApplicationPath");
224 catch (ArgumentNullException) {
227 catch (TypeInitializationException) {
233 [FileIOPermission (SecurityAction.Deny, Unrestricted = true)]
234 //[ExpectedException (typeof (ArgumentException))]
235 public void PhysicalPath_Deny_FileIOPermission ()
237 // strange - must be a special case not to check (and fail) a
238 // FileIOPermission check (strangeest part being that this isn't
239 // done for PhysicalApplicationPath)
240 Assert.AreEqual (String.Empty, request.PhysicalPath, "PhysicalPath");
244 [FileIOPermission (SecurityAction.PermitOnly, Unrestricted = true)]
245 public void PhysicalPath_PermitOnly_FileIOPermission ()
247 Assert.IsNotNull (request.PhysicalPath, "PhysicalPath");
251 [PermissionSet (SecurityAction.Deny, Unrestricted = true)]
252 public void Methods_Deny_Unrestricted ()
254 Assert.IsNotNull (request.BinaryRead (0), "BinaryRead");
255 Assert.IsNull (request.MapImageCoordinates ("mono"), "MapImageCoordinates");
258 Assert.IsNull (request.MapPath ("/mono"), "MapPath");
260 catch (NullReferenceException) {
265 request.MapPath ("/mono", "/", true);
267 catch (HttpException) {
270 catch (TypeInitializationException) {
274 request.ValidateInput ();
278 [FileIOPermission (SecurityAction.Deny, Unrestricted = true)]
279 [ExpectedException (typeof (SecurityException))]
280 public void SaveAs_Deny_Write ()
282 request.SaveAs (tempfile, true);
286 [FileIOPermission (SecurityAction.PermitOnly, Unrestricted = true)]
287 public void SaveAs_PermitOnly_Write ()
289 request.SaveAs (tempfile, true);
294 public override object CreateControl (SecurityAction action, AspNetHostingPermissionLevel level)
296 ConstructorInfo ci = this.Type.GetConstructor (new Type[3] { typeof (string), typeof (string), typeof (string) });
297 Assert.IsNotNull (ci, ".ctor(string,string,string)");
298 return ci.Invoke (new object[3] { String.Empty, "http://localhost/", String.Empty });
301 public override Type Type {
302 get { return typeof (HttpRequest); }