huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'release/3.0-preview3'

This commit is contained in:
Nate McMaster 2019-02-21 10:30:11 -08:00 committed by GitHub
parent e5f4400257 7a87e8c6a7
commit 4451a80447
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
22 changed files with 241 additions and 228 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.azure/pipelines/ci.yml
View File

@ -79,10 +79,6 @@ jobs:
displayName: Run sign check
condition: eq(variables['_SignType'], 'real')
# Detect OSS Components in use in the product. Only needs to run on one OS in the matrix.
- task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
displayName: Detect components
condition: and(succeeded(), eq(variables['system.pullrequest.isfork'], false))
artifacts:
- name: Windows_Packages
path: artifacts/packages/

17
.azure/pipelines/jobs/default-build.yml
View File

@ -140,21 +140,26 @@ jobs:
- ${{ if eq(parameters.agentOs, 'Windows') }}:
- script: .\$(BuildDirectory)\build.cmd -ci /p:SignType=$(_SignType) /p:Configuration=$(BuildConfiguration) $(BuildScriptArgs)
displayName: Run build.cmd
- powershell: eng\scripts\KillProcesses.ps1
displayName: Kill processes
condition: always()
- ${{ if ne(parameters.agentOs, 'Windows') }}:
- script: ./$(BuildDirectory)/build.sh -ci -p:Configuration=$(BuildConfiguration) $(BuildScriptArgs)
displayName: Run build.sh
- script: eng/scripts/KillProcesses.sh
displayName: Kill processes
condition: always()
- ${{ if ne(parameters.buildScript, '') }}:
- script: $(BuildScript) /p:Configuration=$(BuildConfiguration) $(BuildScriptArgs)
displayName: run $(BuildScript)
- ${{ parameters.afterBuild }}
- ${{ if eq(parameters.agentOs, 'Windows') }}:
- powershell: eng\scripts\KillProcesses.ps1
displayName: Kill processes
continueOnError: true
condition: always()
- ${{ if ne(parameters.agentOs, 'Windows') }}:
- script: eng/scripts/KillProcesses.sh
displayName: Kill processes
continueOnError: true
condition: always()
- task: PublishTestResults@2
displayName: Publish test results
condition: always()

32
eng/scripts/KillProcesses.ps1
View File

@ -1,16 +1,26 @@
$ErrorActionPreference = 'Continue'
taskkill /T /F /IM dotnet.exe
taskkill /T /F /IM testhost.exe
taskkill /T /F /IM iisexpress.exe
taskkill /T /F /IM iisexpresstray.exe
taskkill /T /F /IM w3wp.exe
taskkill /T /F /IM msbuild.exe
taskkill /T /F /IM vbcscompiler.exe
taskkill /T /F /IM git.exe
taskkill /T /F /IM vctip.exe
taskkill /T /F /IM chrome.exe
taskkill /T /F /IM h2spec.exe
function _kill($processName) {
try {
# Redirect stderr to stdout to avoid big red blocks of output in Azure Pipeline logging
# when there are no instances of the process
& cmd /c "taskkill /T /F /IM ${processName} 2>&1"
} catch {
Write-Host "Failed to kill ${processName}: $_"
}
}
_kill dotnet.exe
_kill testhost.exe
_kill iisexpress.exe
_kill iisexpresstray.exe
_kill w3wp.exe
_kill msbuild.exe
_kill vbcscompiler.exe
_kill git.exe
_kill vctip.exe
_kill chrome.exe
_kill h2spec.exe
iisreset /restart
exit 0

33
src/Framework/ref/Microsoft.AspNetCore.App.Ref.csproj
View File

@ -18,11 +18,10 @@ This package is an internal implementation of the .NET Core SDK and is not meant
<PackageTags>aspnetcore;targeting-pack</PackageTags>
<SuppressDependenciesWhenPacking>true</SuppressDependenciesWhenPacking>
<!-- Subject to change: see https://github.com/dotnet/designs/pull/50 -->
<PackageType>TargetingPack</PackageType>
<PackageType>DotnetPlatform</PackageType>
<RefAssemblyPackagePath>ref/$(TargetFramework)/</RefAssemblyPackagePath>
<LayoutTargetDir>$(TargetingPackLayoutRoot)packs/Microsoft.AspNetCore.App.Ref/$(PackageVersion)/$(RefAssemblyPackagePath)</LayoutTargetDir>
<LayoutTargetDir>$(TargetingPackLayoutRoot)packs/Microsoft.AspNetCore.App.Ref/$(PackageVersion)/</LayoutTargetDir>
<ArchiveOutputFileName>aspnetcore-targeting-pack-$(PackageVersion).zip</ArchiveOutputFileName>
<ArchiveOutputPath>$(InstallersOutputPath)$(ArchiveOutputFileName)</ArchiveOutputPath>
@ -56,7 +55,6 @@ This package is an internal implementation of the .NET Core SDK and is not meant
$(BuildDependsOn);
GeneratePackageConflictManifest;
_ResolveTargetingPackContent;
_BatchCopyToOutputDirectory;
_BatchCopyToLayoutTargetDir;
_CreateTargetingPackArchive;
</BuildDependsOn>
@ -87,15 +85,11 @@ This package is an internal implementation of the .NET Core SDK and is not meant
<AspNetCoreReferenceDocXml Include="@(AspNetCoreReferenceAssemblyPath->'%(RootDir)%(Directory)%(FileName).xml')" />
<!-- Exclude known missing XML docs files. Time-boxing this workaround because we want XML docs for everything. This can be removed when we get a new build with https://github.com/dotnet/core-setup/pull/5109. -->
<AspNetCoreReferenceDocXml Remove="@(AspNetCoreReferenceDocXml)"
Condition="'$(MicrosoftNETCoreAppPackageVersion)' == '3.0.0-preview-27405-2' AND ('%(FileName)' == 'Microsoft.Extensions.DependencyModel' OR '%(FileName)' == 'Microsoft.DotNet.PlatformAbstractions' )" />
<RefPackContent Include="@(AspNetCoreReferenceAssemblyPath)" PackagePath="$(RefAssemblyPackagePath)" />
<RefPackContent Include="@(AspNetCoreReferenceDocXml)" PackagePath="$(RefAssemblyPackagePath)" />
<RefPackContent Include="$(TargetDir)$(PackageConflictManifestFileName)" PackagePath="$(PackageConflictManifestPackagePath)" />
<RefPackContent Include="@(AspNetCoreReferenceAssemblyPath)" />
<RefPackContent Include="@(AspNetCoreReferenceDocXml)" />
<_PackageFiles Include="@(RefPackContent)" PackagePath="$(RefAssemblyPackagePath)" />
<_PackageFiles Include="$(TargetDir)$(PackageConflictManifestFileName)" PackagePath="$(PackageConflictManifestPackagePath)" />
<_PackageFiles Include="@(RefPackContent)" />
</ItemGroup>
</Target>
@ -114,25 +108,14 @@ This package is an internal implementation of the .NET Core SDK and is not meant
Overwrite="true" />
</Target>
<!-- Written to take advantage of target batching in MSBuild. -->
<Target Name="_BatchCopyToOutputDirectory"
DependsOnTargets="_ResolveTargetingPackContent"
Inputs="@(RefPackContent)"
Outputs="@(RefPackContent->'$(TargetDir)%(FileName)%(Extension)')">
<Copy SourceFiles="@(RefPackContent)"
DestinationFiles="@(RefPackContent->'$(TargetDir)%(FileName)%(Extension)')"
UseHardlinksIfPossible="true" />
</Target>
<!-- Written to take advantage of target batching in MSBuild. -->
<Target Name="_BatchCopyToLayoutTargetDir"
DependsOnTargets="_ResolveTargetingPackContent"
Inputs="@(RefPackContent)"
Outputs="@(RefPackContent->'$(LayoutTargetDir)%(FileName)%(Extension)')">
Outputs="@(RefPackContent->'$(LayoutTargetDir)%(PackagePath)%(FileName)%(Extension)')">
<Copy SourceFiles="@(RefPackContent)"
DestinationFiles="@(RefPackContent->'$(LayoutTargetDir)%(FileName)%(Extension)')"
DestinationFiles="@(RefPackContent->'$(LayoutTargetDir)%(PackagePath)%(FileName)%(Extension)')"
UseHardlinksIfPossible="true" />
</Target>

3
src/Framework/src/Microsoft.AspNetCore.App.Runtime.csproj
View File

@ -23,8 +23,7 @@ This package is an internal implementation of the .NET Core SDK and is not meant
<PackageTags>aspnetcore;shared-framework</PackageTags>
<SuppressDependenciesWhenPacking>true</SuppressDependenciesWhenPacking>
<!-- Subject to change: see https://github.com/dotnet/designs/pull/50 -->
<PackageType>RuntimePack</PackageType>
<PackageType>DotnetPlatform</PackageType>
<!-- NuGet appends target framework to this value. Example: runtimes/win-x64/lib/netcoreapp3.0/ -->
<BuildOutputTargetFolder>runtimes/$(RuntimeIdentifier)/lib/</BuildOutputTargetFolder>
<!-- Target framework is not append to this because native assets to not have a target framework. -->

4
src/Framework/src/SharedFx.targets
View File

@ -15,10 +15,10 @@ This targets file should only be imported by .shfxproj files.
GenerateSharedFxVersionsFile;
GenerateBuildDependencyFile;
PrepareForPublish;
GeneratePublishDependencyFile;
GenerateSharedFxMetadataFiles;
GenerateBuildRuntimeConfigurationFiles;
ComputeAndCopyFilesToPublishDirectory;
GeneratePublishDependencyFile;
GenerateSharedFxMetadataFiles;
CopySharedFxToOutput;
CollectSharedFxOutput;
PostBuildEvent;

4
src/Framework/test/Microsoft.AspNetCore.App.UnitTests.csproj
View File

@ -49,6 +49,10 @@
<_Parameter1>ManifestOutputDir</_Parameter1>
<_Parameter2>%(_ResolvedFrameworkReference.ManifestOutputDir)</_Parameter2>
</AssemblyAttribute>
<AssemblyAttribute Include="Microsoft.AspNetCore.TestData">
<_Parameter1>RuntimeAssetsOutputPath</_Parameter1>
<_Parameter2>%(_ResolvedFrameworkReference.RuntimeAssetsOutputPath)</_Parameter2>
</AssemblyAttribute>
</ItemGroup>
</Target>

29
src/Framework/test/SharedFxTests.cs
View File

@ -24,6 +24,33 @@ namespace Microsoft.AspNetCore
_expectedRid = TestData.GetSharedFxRuntimeIdentifier();
}
[Fact]
public void SharedFrameworkContainsExpectedFiles()
{
var actualAssemblies = Directory.GetFiles(TestData.GetTestDataValue("RuntimeAssetsOutputPath"), "*.dll")
.Select(Path.GetFileNameWithoutExtension)
.ToHashSet();
var expectedAssemblies = TestData.GetSharedFxDependencies()
.Split(';', StringSplitOptions.RemoveEmptyEntries)
.ToHashSet();
_output.WriteLine("==== actual assemblies ====");
_output.WriteLine(string.Join('\n', actualAssemblies.OrderBy(i => i)));
_output.WriteLine("==== expected assemblies ====");
_output.WriteLine(string.Join('\n', expectedAssemblies.OrderBy(i => i)));
var missing = expectedAssemblies.Except(actualAssemblies);
var unexpected = actualAssemblies.Except(expectedAssemblies);
_output.WriteLine("==== missing assemblies from the framework ====");
_output.WriteLine(string.Join('\n', missing));
_output.WriteLine("==== unexpected assemblies in the framework ====");
_output.WriteLine(string.Join('\n', unexpected));
Assert.Empty(missing);
Assert.Empty(unexpected);
}
[Fact]
public void PlatformManifestListsAllFiles()
{
@ -35,7 +62,7 @@ namespace Microsoft.AspNetCore
_output.WriteLine("==== file contents ====");
_output.WriteLine(File.ReadAllText(platformManifestPath));
_output.WriteLine("==== expected assemblies ====");
_output.WriteLine(string.Join('\n', expectedAssemblies));
_output.WriteLine(string.Join('\n', expectedAssemblies.OrderBy(i => i)));
AssertEx.FileExists(platformManifestPath);

3
src/Middleware/CORS/samples/SampleDestination/Startup.cs
View File

@ -50,8 +50,7 @@ namespace SampleDestination
options.AddPolicy("AllowAll", policy => policy
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
.AllowAnyHeader());
});
services.AddRouting();
}

3
src/Middleware/CORS/samples/SampleDestination/StartupWithoutEndpointRouting.cs
View File

@ -73,8 +73,7 @@ namespace SampleDestination
innerBuilder.UseCors(policy => policy
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
.AllowAnyHeader());
innerBuilder.UseMiddleware<SampleMiddleware>();
});

5
src/Middleware/CORS/src/Infrastructure/CorsPolicyBuilder.cs
View File

@ -224,6 +224,11 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
/// <returns>The constructed <see cref="CorsPolicy"/>.</returns>
public CorsPolicy Build()
{
if (_policy.AllowAnyOrigin && _policy.SupportsCredentials)
{
throw new InvalidOperationException(Resources.InsecureConfiguration);
}
return _policy;
}

3
src/Middleware/CORS/src/Infrastructure/CorsService.cs
View File

@ -8,7 +8,6 @@ using System.Linq;
using Microsoft.AspNetCore.Cors.Internal;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Logging.Abstractions;
using Microsoft.Extensions.Options;
using Microsoft.Extensions.Primitives;
@ -77,7 +76,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
if (policy.AllowAnyOrigin && policy.SupportsCredentials)
{
_logger.InsecureConfiguration();
throw new ArgumentException(Resources.InsecureConfiguration, nameof(policy));
}
var origin = context.Request.Headers[CorsConstants.Origin];

11
src/Middleware/CORS/src/Internal/CORSLoggerExtensions.cs
View File

@ -18,7 +18,6 @@ namespace Microsoft.AspNetCore.Cors.Internal
private static readonly Action<ILogger, string, Exception> _requestHeaderNotAllowed;
private static readonly Action<ILogger, Exception> _failedToSetCorsHeaders;
private static readonly Action<ILogger, Exception> _noCorsPolicyFound;
private static readonly Action<ILogger, Exception> _insecureConfiguration;
private static readonly Action<ILogger, Exception> _isNotPreflightRequest;
static CORSLoggerExtensions()
@ -73,11 +72,6 @@ namespace Microsoft.AspNetCore.Cors.Internal
new EventId(10, "NoCorsPolicyFound"),
"No CORS policy found for the specified request.");
_insecureConfiguration = LoggerMessage.Define(
LogLevel.Warning,
new EventId(11, "InsecureConfiguration"),
"The CORS protocol does not allow specifying a wildcard (any) origin and credentials at the same time. Configure the policy by listing individual origins if credentials needs to be supported.");
_isNotPreflightRequest = LoggerMessage.Define(
LogLevel.Debug,
new EventId(12, "IsNotPreflightRequest"),
@ -134,11 +128,6 @@ namespace Microsoft.AspNetCore.Cors.Internal
_noCorsPolicyFound(logger, null);
}
public static void InsecureConfiguration(this ILogger logger)
{
_insecureConfiguration(logger, null);
}
public static void IsNotPreflightRequest(this ILogger logger)
{
_isNotPreflightRequest(logger, null);

58
src/Middleware/CORS/src/Properties/Resources.Designer.cs generated Normal file
View File

@ -0,0 +1,58 @@
// <auto-generated />
namespace Microsoft.AspNetCore.Cors
{
using System.Globalization;
using System.Reflection;
using System.Resources;
internal static class Resources
{
private static readonly ResourceManager _resourceManager
= new ResourceManager("Microsoft.AspNetCore.Cors.Resources", typeof(Resources).GetTypeInfo().Assembly);
/// <summary>
/// The CORS protocol does not allow specifying a wildcard (any) origin and credentials at the same time. Configure the CORS policy by listing individual origins if credentials needs to be supported.
/// </summary>
internal static string InsecureConfiguration
{
get => GetString("InsecureConfiguration");
}
/// <summary>
/// The CORS protocol does not allow specifying a wildcard (any) origin and credentials at the same time. Configure the CORS policy by listing individual origins if credentials needs to be supported.
/// </summary>
internal static string FormatInsecureConfiguration()
=> GetString("InsecureConfiguration");
/// <summary>
/// PreflightMaxAge must be greater than or equal to 0.
/// </summary>
internal static string PreflightMaxAgeOutOfRange
{
get => GetString("PreflightMaxAgeOutOfRange");
}
/// <summary>
/// PreflightMaxAge must be greater than or equal to 0.
/// </summary>
internal static string FormatPreflightMaxAgeOutOfRange()
=> GetString("PreflightMaxAgeOutOfRange");
private static string GetString(string name, params string[] formatterNames)
{
var value = _resourceManager.GetString(name);
System.Diagnostics.Debug.Assert(value != null);
if (formatterNames != null)
{
for (var i = 0; i < formatterNames.Length; i++)
{
value = value.Replace("{" + formatterNames[i] + "}", "{" + i + "}");
}
}
return value;
}
}
}

71
src/Middleware/CORS/src/Resources.Designer.cs generated
View File

@ -1,71 +0,0 @@
//------------------------------------------------------------------------------
// <auto-generated>
// This code was generated by a tool.
// Runtime Version:4.0.30319.42000
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
// </auto-generated>
//------------------------------------------------------------------------------
namespace Microsoft.AspNetCore.Cors {
using System;
using System.Reflection;
/// <summary>
/// A strongly-typed resource class, for looking up localized strings, etc.
/// </summary>
// This class was auto-generated by the StronglyTypedResourceBuilder
// class via a tool like ResGen or Visual Studio.
// To add or remove a member, edit your .ResX file then rerun ResGen
// with the /str option, or rebuild your VS project.
[global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
[global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
internal class Resources {
private static global::System.Resources.ResourceManager resourceMan;
private static global::System.Globalization.CultureInfo resourceCulture;
internal Resources() {
}
/// <summary>
/// Returns the cached ResourceManager instance used by this class.
/// </summary>
[global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
internal static global::System.Resources.ResourceManager ResourceManager {
get {
if (object.ReferenceEquals(resourceMan, null)) {
global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Microsoft.AspNetCore.Cors.Resources", typeof(Resources).GetTypeInfo().Assembly);
resourceMan = temp;
}
return resourceMan;
}
}
/// <summary>
/// Overrides the current thread's CurrentUICulture property for all
/// resource lookups using this strongly typed resource class.
/// </summary>
[global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
internal static global::System.Globalization.CultureInfo Culture {
get {
return resourceCulture;
}
set {
resourceCulture = value;
}
}
/// <summary>
/// Looks up a localized string similar to PreflightMaxAge must be greater than or equal to 0..
/// </summary>
internal static string PreflightMaxAgeOutOfRange {
get {
return ResourceManager.GetString("PreflightMaxAgeOutOfRange", resourceCulture);
}
}
}
}

101
src/Middleware/CORS/src/Resources.resx
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<root>
<!--
<!--
Microsoft ResX Schema
Version 2.0
@ -60,63 +60,66 @@
: and then encoded with base64 encoding.
-->
<xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
<xsd:element name="root" msdata:IsDataSet="true">
<xsd:complexType>
<xsd:choice maxOccurs="unbounded">
<xsd:element name="metadata">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" />
</xsd:sequence>
<xsd:attribute name="name" use="required" type="xsd:string" />
<xsd:attribute name="type" type="xsd:string" />
<xsd:attribute name="mimetype" type="xsd:string" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="assembly">
<xsd:complexType>
<xsd:attribute name="alias" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="data">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
<xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
<xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
<xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="resheader">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:element>
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
<xsd:element name="root" msdata:IsDataSet="true">
<xsd:complexType>
<xsd:choice maxOccurs="unbounded">
<xsd:element name="metadata">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" />
</xsd:sequence>
<xsd:attribute name="name" use="required" type="xsd:string" />
<xsd:attribute name="type" type="xsd:string" />
<xsd:attribute name="mimetype" type="xsd:string" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="assembly">
<xsd:complexType>
<xsd:attribute name="alias" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="data">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
<xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
<xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
<xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="resheader">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:element>
</xsd:schema>
<resheader name="resmimetype">
<value>text/microsoft-resx</value>
<value>text/microsoft-resx</value>
</resheader>
<resheader name="version">
<value>2.0</value>
<value>2.0</value>
</resheader>
<resheader name="reader">
<value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
<value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<resheader name="writer">
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<data name="InsecureConfiguration" xml:space="preserve">
<value>The CORS protocol does not allow specifying a wildcard (any) origin and credentials at the same time. Configure the CORS policy by listing individual origins if credentials needs to be supported.</value>
</data>
<data name="PreflightMaxAgeOutOfRange" xml:space="preserve">
<value>PreflightMaxAge must be greater than or equal to 0.</value>
</data>

2
src/Middleware/CORS/test/FunctionalTests/CorsMiddlewareFunctionalTest.cs
View File

@ -14,6 +14,8 @@ using Microsoft.Extensions.Logging.Testing;
using Xunit;
using Xunit.Abstractions;
[assembly: CollectionBehavior(CollectionBehavior.CollectionPerAssembly)]
namespace FunctionalTests
{
public class CorsMiddlewareFunctionalTests : LoggedTest

18
src/Middleware/CORS/test/UnitTests/CorsPolicyBuilderTests.cs
View File

@ -1,4 +1,4 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
using System;
@ -285,7 +285,6 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
Assert.True(corsPolicy.SupportsCredentials);
}
[Fact]
public void DisallowCredential_SetsSupportsCredentials_ToFalse()
{
@ -300,6 +299,21 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
Assert.False(corsPolicy.SupportsCredentials);
}
[Fact]
public void Build_ThrowsIfConfiguredToAllowAnyOriginWithCredentials()
{
// Arrange
var builder = new CorsPolicyBuilder()
.AllowAnyOrigin()
.AllowCredentials();
// Act
var ex = Assert.Throws<InvalidOperationException>(() => builder.Build());
// Assert
Assert.Equal(Resources.InsecureConfiguration, ex.Message);
}
[Theory]
[InlineData("Some-String", "some-string")]
[InlineData("x:\\Test", "x:\\test")]

52
src/Middleware/CORS/test/UnitTests/CorsServiceTests.cs
View File

@ -3,6 +3,7 @@
using System;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Testing;
using Microsoft.Extensions.Logging.Abstractions;
using Microsoft.Extensions.Options;
using Xunit;
@ -11,6 +12,25 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
{
public class CorsServiceTests
{
[Fact]
public void EvaluatePolicy_Throws_IfPolicyIsIncorrectlyConfigured()
{
// Arrange
var corsService = GetCorsService();
var requestContext = GetHttpContext("POST", origin: null);
var policy = new CorsPolicy
{
Origins = { "*" },
SupportsCredentials = true,
};
// Act & Assert
ExceptionAssert.ThrowsArgument(
() => corsService.EvaluatePolicy(requestContext, policy),
"policy",
Resources.InsecureConfiguration);
}
[Fact]
public void EvaluatePolicy_NoOrigin_ReturnsInvalidResult()
{
@ -103,10 +123,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
// Arrange
var corsService = GetCorsService();
var requestContext = GetHttpContext(origin: "http://example.com");
var policy = new CorsPolicy
{
SupportsCredentials = true
};
var policy = new CorsPolicy();
policy.Origins.Add(CorsConstants.AnyOrigin);
// Act
@ -145,7 +162,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
{
SupportsCredentials = true
};
policy.Origins.Add(CorsConstants.AnyOrigin);
policy.Origins.Add("http://example.com");
// Act
var result = corsService.EvaluatePolicy(requestContext, policy);
@ -171,27 +188,6 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
Assert.False(result.VaryByOrigin);
}
[Fact]
public void EvaluatePolicy_AllowAnyOrigin_SupportsCredentials_DoesNotVaryByOrigin()
{
// Arrange
var corsService = GetCorsService();
var requestContext = GetHttpContext(origin: "http://example.com");
var policy = new CorsPolicy
{
SupportsCredentials = true
};
policy.Origins.Add(CorsConstants.AnyOrigin);
// Act
var result = corsService.EvaluatePolicy(requestContext, policy);
// Assert
Assert.Equal("*", result.AllowedOrigin);
Assert.True(result.SupportsCredentials);
Assert.True(result.VaryByOrigin);
}
[Fact]
public void EvaluatePolicy_AllowOneOrigin_DoesNotVaryByOrigin()
{
@ -369,7 +365,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
{
SupportsCredentials = true
};
policy.Origins.Add(CorsConstants.AnyOrigin);
policy.Origins.Add("http://example.com");
policy.Methods.Add("*");
// Act
@ -532,7 +528,7 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
var corsService = GetCorsService();
var httpContext = GetHttpContext(method: "OPTIONS", origin: "http://example.com", accessControlRequestMethod: "PUT");
var policy = new CorsPolicy();
policy.Origins.Add(CorsConstants.AnyOrigin);
policy.Origins.Add("http://example.com");
policy.Methods.Add("*");
policy.Headers.Add("*");
policy.SupportsCredentials = true;

7
src/Mvc/test/Mvc.FunctionalTests/CorsTestsBase.cs
View File

@ -157,7 +157,7 @@ namespace Microsoft.AspNetCore.Mvc.FunctionalTests
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var responseHeaders = response.Headers;
Assert.Equal(
new[] { "*" },
new[] { "http://example.com" },
responseHeaders.GetValues(CorsConstants.AccessControlAllowOrigin).ToArray());
Assert.Equal(
new[] { "true" },
@ -190,7 +190,7 @@ namespace Microsoft.AspNetCore.Mvc.FunctionalTests
Assert.Equal(HttpStatusCode.OK, response.StatusCode);
var responseHeaders = response.Headers;
Assert.Equal(
new[] { "*" },
new[] { "http://example.com" },
responseHeaders.GetValues(CorsConstants.AccessControlAllowOrigin).ToArray());
Assert.Equal(
new[] { "true" },
@ -302,9 +302,6 @@ namespace Microsoft.AspNetCore.Mvc.FunctionalTests
Assert.Equal(
new[] { "*" },
responseHeaders.GetValues(CorsConstants.AccessControlAllowOrigin).ToArray());
Assert.Equal(
new[] { "true" },
responseHeaders.GetValues(CorsConstants.AccessControlAllowCredentials).ToArray());
Assert.Equal(
new[] { "Custom" },
responseHeaders.GetValues(CorsConstants.AccessControlAllowHeaders).ToArray());

2
src/Mvc/test/WebSites/CorsWebSite/Controllers/BlogController.cs
View File

@ -29,7 +29,7 @@ namespace CorsWebSite
return "exclusive";
}
[EnableCors("WithCredentialsAnyOrigin")]
[EnableCors("WithCredentialsAndOtherSettings")]
public string EditUserComment(int id, string userComment)
{
return userComment;

7
src/Mvc/test/WebSites/CorsWebSite/Startup.cs
View File

@ -41,11 +41,11 @@ namespace CorsWebSite
});
options.AddPolicy(
"WithCredentialsAnyOrigin",
"WithCredentialsAndOtherSettings",
builder =>
{
builder.AllowCredentials()
.AllowAnyOrigin()
.WithOrigins("http://example.com")
.AllowAnyHeader()
.WithMethods("PUT", "POST")
.WithExposedHeaders("exposed1", "exposed2");
@ -55,8 +55,7 @@ namespace CorsWebSite
"AllowAll",
builder =>
{
builder.AllowCredentials()
.AllowAnyMethod()
builder.AllowAnyMethod()
.AllowAnyHeader()
.AllowAnyOrigin();
});