Added Permanent property to configure RequireHttpsAttribute

Fixes #4561
2016-05-17 01:18:53 +02:00 · 2016-05-17 01:18:53 +02:00 · 230776f4b0
parent 61a176e478
commit 230776f4b0
2 changed files with 28 additions and 1 deletions
--- a/src/Microsoft.AspNetCore.Mvc.Core/RequireHttpsAttribute.cs
+++ b/src/Microsoft.AspNetCore.Mvc.Core/RequireHttpsAttribute.cs
@ -15,6 +15,12 @@ namespace Microsoft.AspNetCore.Mvc
    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
    public class RequireHttpsAttribute : Attribute, IAuthorizationFilter, IOrderedFilter
    {
+        /// <summary>
+        /// Specifies whether a permanent redirect, <c>301 Moved Permanently</c>,
+        /// should be used instead of a temporary redirect, <c>302 Found</c>.
+        /// </summary>
+        public bool Permanent { get; set; }
+
        /// <inheritdoc />
        public int Order { get; set; }

@ -84,7 +90,7 @@ namespace Microsoft.AspNetCore.Mvc
                    request.QueryString.ToUriComponent());

                // redirect to HTTPS version of page
-                filterContext.Result = new RedirectResult(newUrl, permanent: false);
+                filterContext.Result = new RedirectResult(newUrl, Permanent);
            }
        }
    }
--- a/test/Microsoft.AspNetCore.Mvc.Core.Test/RequireHttpsAttributeTests.cs
+++ b/test/Microsoft.AspNetCore.Mvc.Core.Test/RequireHttpsAttributeTests.cs
@ -191,6 +191,27 @@ namespace Microsoft.AspNetCore.Mvc
            Assert.Equal(expectedUrl, result.Url);
        }

+        [Theory]
+        [InlineData(true)]
+        [InlineData(false)]
+        public void OnAuthorization_RedirectsToHttpsEndpoint_WithSpecifiedStatusCode(bool permanent)
+        {
+            var requestContext = new DefaultHttpContext();
+            requestContext.RequestServices = CreateServices();
+            requestContext.Request.Scheme = "http";
+            requestContext.Request.Method = "GET";
+            
+            var authContext = CreateAuthorizationContext(requestContext);
+            var attr = new RequireHttpsAttribute { Permanent = permanent };
+
+            // Act
+            attr.OnAuthorization(authContext);
+
+            // Assert
+            var result = Assert.IsType<RedirectResult>(authContext.Result);
+            Assert.Equal(permanent, result.Permanent);
+        }
+
        private class CustomRequireHttpsAttribute : RequireHttpsAttribute
        {
            protected override void HandleNonHttpsRequest(AuthorizationFilterContext filterContext)