From 0f8542e4b27c1e6dc26f83a18b4bc7c7e050dd9b Mon Sep 17 00:00:00 2001
From: Kristian Hellang <kristian@hellang.com>
Date: Thu, 12 May 2016 14:05:19 +0200
Subject: [PATCH] Throw a more descriptive exception for missing CORS policies

---
 .../CorsAuthorizationFilter.cs                |   7 +
 .../Properties/Resources.Designer.cs          |  46 +++++++
 .../Resources.resx                            | 123 ++++++++++++++++++
 3 files changed, 176 insertions(+)
 create mode 100644 src/Microsoft.AspNetCore.Mvc.Cors/Properties/Resources.Designer.cs
 create mode 100644 src/Microsoft.AspNetCore.Mvc.Cors/Resources.resx

diff --git a/src/Microsoft.AspNetCore.Mvc.Cors/CorsAuthorizationFilter.cs b/src/Microsoft.AspNetCore.Mvc.Cors/CorsAuthorizationFilter.cs
index 793e9945d6..4e2cc209c1 100644
--- a/src/Microsoft.AspNetCore.Mvc.Cors/CorsAuthorizationFilter.cs
+++ b/src/Microsoft.AspNetCore.Mvc.Cors/CorsAuthorizationFilter.cs
@@ -68,6 +68,13 @@ namespace Microsoft.AspNetCore.Mvc.Cors
             if (request.Headers.ContainsKey(CorsConstants.Origin))
             {
                 var policy = await _corsPolicyProvider.GetPolicyAsync(httpContext, PolicyName);
+
+                if (policy == null)
+                {
+                    throw new InvalidOperationException(
+                        Resources.FormatCorsAuthorizationFilter_MissingCorsPolicy(PolicyName));
+                }
+
                 var result = _corsService.EvaluatePolicy(context.HttpContext, policy);
                 _corsService.ApplyResult(result, context.HttpContext.Response);
 
diff --git a/src/Microsoft.AspNetCore.Mvc.Cors/Properties/Resources.Designer.cs b/src/Microsoft.AspNetCore.Mvc.Cors/Properties/Resources.Designer.cs
new file mode 100644
index 0000000000..b36a27e978
--- /dev/null
+++ b/src/Microsoft.AspNetCore.Mvc.Cors/Properties/Resources.Designer.cs
@@ -0,0 +1,46 @@
+// <auto-generated />
+namespace Microsoft.AspNetCore.Mvc.Cors
+{
+    using System.Globalization;
+    using System.Reflection;
+    using System.Resources;
+
+    internal static class Resources
+    {
+        private static readonly ResourceManager _resourceManager
+            = new ResourceManager("Microsoft.AspNetCore.Mvc.Cors.Resources", typeof(Resources).GetTypeInfo().Assembly);
+
+        /// <summary>
+        /// A CORS policy named '{0}' could not be found.
+        /// </summary>
+        internal static string CorsAuthorizationFilter_MissingCorsPolicy
+        {
+            get { return GetString("CorsAuthorizationFilter_MissingCorsPolicy"); }
+        }
+
+        /// <summary>
+        /// A CORS policy named '{0}' could not be found.
+        /// </summary>
+        internal static string FormatCorsAuthorizationFilter_MissingCorsPolicy(object p0)
+        {
+            return string.Format(CultureInfo.CurrentCulture, GetString("CorsAuthorizationFilter_MissingCorsPolicy"), p0);
+        }
+
+        private static string GetString(string name, params string[] formatterNames)
+        {
+            var value = _resourceManager.GetString(name);
+
+            System.Diagnostics.Debug.Assert(value != null);
+
+            if (formatterNames != null)
+            {
+                for (var i = 0; i < formatterNames.Length; i++)
+                {
+                    value = value.Replace("{" + formatterNames[i] + "}", "{" + i + "}");
+                }
+            }
+
+            return value;
+        }
+    }
+}
diff --git a/src/Microsoft.AspNetCore.Mvc.Cors/Resources.resx b/src/Microsoft.AspNetCore.Mvc.Cors/Resources.resx
new file mode 100644
index 0000000000..6c4897ab7f
--- /dev/null
+++ b/src/Microsoft.AspNetCore.Mvc.Cors/Resources.resx
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!--
+    Microsoft ResX Schema
+
+    Version 2.0
+
+    The primary goals of this format is to allow a simple XML format
+    that is mostly human readable. The generation and parsing of the
+    various data types are done through the TypeConverter classes
+    associated with the data types.
+
+    Example:
+
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+
+    There are any number of "resheader" rows that contain simple
+    name/value pairs.
+
+    Each data row contains a name, and value. The row also contains a
+    type or mimetype. Type corresponds to a .NET class that support
+    text/value conversion through the TypeConverter architecture.
+    Classes that don't support this are serialized and stored with the
+    mimetype set.
+
+    The mimetype is used for serialized objects, and tells the
+    ResXResourceReader how to depersist the object. This is currently not
+    extensible. For a given mimetype the value must be set accordingly:
+
+    Note - application/x-microsoft.net.object.binary.base64 is the format
+    that the ResXResourceWriter will generate, however the reader can
+    read any of the formats listed below.
+
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="CorsAuthorizationFilter_MissingCorsPolicy" xml:space="preserve">
+    <value>A CORS policy named '{0}' could not be found.</value>
+  </data>
+</root>