From 10e0ebe6512b55955025e7e5b232e5223d4be73e Mon Sep 17 00:00:00 2001 From: Phil Pursglove Date: Tue, 20 Nov 2018 16:09:40 +0000 Subject: [PATCH 1/2] Fix broken constructor --- DDDEastAnglia.Tests/Controllers/HomeControllerTests.cs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/DDDEastAnglia.Tests/Controllers/HomeControllerTests.cs b/DDDEastAnglia.Tests/Controllers/HomeControllerTests.cs index 6ba3526e..561b4e5e 100644 --- a/DDDEastAnglia.Tests/Controllers/HomeControllerTests.cs +++ b/DDDEastAnglia.Tests/Controllers/HomeControllerTests.cs @@ -1,6 +1,9 @@ using DDDEastAnglia.Controllers; using DDDEastAnglia.DataAccess; +using DDDEastAnglia.Helpers.Agenda; +using DDDEastAnglia.Helpers.Sessions; using DDDEastAnglia.Models; +using NSubstitute; using NUnit.Framework; namespace DDDEastAnglia.Tests.Controllers @@ -102,7 +105,7 @@ public void Closed_ShouldRedirectToTheHomePage_WhenTheConferenceIsNotClosed() private HomeController CreateHomeController(IConferenceLoader conferenceLoader) { var sponsorModelQuery = new AllPublicSponsors(new InMemorySponsorRepository(), new DefaultSponsorSorter()); - return new HomeController(conferenceLoader, sponsorModelQuery); + return new HomeController(conferenceLoader, sponsorModelQuery, new AgendaSessionsLoader(Substitute.For(), Substitute.For())); } } } From f48489b38b6b310d8457f9ed5be836ee7a7a2546 Mon Sep 17 00:00:00 2001 From: Phil Pursglove Date: Tue, 20 Nov 2018 16:10:06 +0000 Subject: [PATCH 2/2] Correct name of X-Frame-Options header --- DDDEastAnglia.Tests/Filters/SecurityHeadersFilterTests.cs | 4 ++-- DDDEastAnglia/App_Start/Filters/SecurityHeadersFilter.cs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/DDDEastAnglia.Tests/Filters/SecurityHeadersFilterTests.cs b/DDDEastAnglia.Tests/Filters/SecurityHeadersFilterTests.cs index b9321e5e..b07ce4f2 100644 --- a/DDDEastAnglia.Tests/Filters/SecurityHeadersFilterTests.cs +++ b/DDDEastAnglia.Tests/Filters/SecurityHeadersFilterTests.cs @@ -30,7 +30,7 @@ public void Setup() }; } - [TestCase("X-Frame-Origins")] + [TestCase("X-Frame-Options")] [TestCase("X-XSS-Protection")] [TestCase("X-Content-Type-Options")] [TestCase("Strict-Transport-Security")] @@ -45,7 +45,7 @@ public void Security_Header_Is_Added(string headerName) Assert.That(filteredHeaders[headerName], Is.Not.Null); } - [TestCase("X-Frame-Origins", "SAMEORIGIN")] + [TestCase("X-Frame-Options", "SAMEORIGIN")] [TestCase("X-XSS-Protection", "1; mode=block")] [TestCase("X-Content-Type-Options", "nosniff")] [TestCase("Strict-Transport-Security", "max-age=31536000; includeSubDomains")] diff --git a/DDDEastAnglia/App_Start/Filters/SecurityHeadersFilter.cs b/DDDEastAnglia/App_Start/Filters/SecurityHeadersFilter.cs index 6f2e2992..70c643a0 100644 --- a/DDDEastAnglia/App_Start/Filters/SecurityHeadersFilter.cs +++ b/DDDEastAnglia/App_Start/Filters/SecurityHeadersFilter.cs @@ -18,7 +18,7 @@ public void OnResultExecuted(ResultExecutedContext filterContext) private void AddSecurityHeaders(NameValueCollection headers) { - AddHeader(headers, "X-Frame-Origins", "SAMEORIGIN"); + AddHeader(headers, "X-Frame-Options", "SAMEORIGIN"); AddHeader(headers, "X-XSS-Protection", "1; mode=block"); AddHeader(headers, "X-Content-Type-Options", "nosniff"); AddHeader(headers, "Strict-Transport-Security", "max-age=31536000; includeSubDomains");