Skip to content

Commit 1814b1c

Browse files
authored
fix(http-to-string): remove ToString() overrides (#98)
- Removed ToString() overrides from HttpContext, HttpRequest, and HttpResponse to prevent exposure of sensitive information. - Bump package System.Net.Http.Json in test project due to reported vulnerability Closes #97
1 parent 6b0257e commit 1814b1c

5 files changed

Lines changed: 41 additions & 56 deletions

File tree

APIMatic.Core.Test/APIMatic.Core.Test.csproj

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
<PackageReference Include="NUnit" Version="3.13.3" />
2020
<PackageReference Include="NUnit3TestAdapter" Version="4.3.1" />
2121
<PackageReference Include="RichardSzalay.MockHttp" Version="6.0.0" />
22-
<PackageReference Include="System.Net.Http.Json" Version="7.0.1" />
22+
<PackageReference Include="System.Net.Http.Json" Version="8.0.1" />
2323
</ItemGroup>
2424

2525
<ItemGroup>

APIMatic.Core.Test/TypesTest.cs

Lines changed: 40 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -62,34 +62,6 @@ public void ApiException_CheckResponseCode_WithResponseOfEmptyStream()
6262
Assert.AreEqual(200, exception.ResponseCode);
6363
}
6464

65-
[Test]
66-
public void HttpContext_String_Representation()
67-
{
68-
var response = new HttpResponse(200, new Dictionary<string, string>(), new MemoryStream(Encoding.UTF8.GetBytes("")), "Test body");
69-
var request = new HttpRequest(HttpMethod.Get, "https://myurl.com");
70-
71-
request.AddHeaders(new Dictionary<string, string>
72-
{
73-
{ "keyA1", "value A1"}
74-
});
75-
request.AddHeaders(new Dictionary<string, string>
76-
{
77-
{ "keyA2", "value A2"}
78-
});
79-
request.AddQueryParameters(new Dictionary<string, object>
80-
{
81-
{ "queryA1", "value A1"},
82-
});
83-
request.AddQueryParameters(new Dictionary<string, object>
84-
{
85-
{ "queryA2", "value A2"}
86-
});
87-
var context = new HttpContext(request, response);
88-
89-
var expected = " Request = HttpMethod = GET, QueryUrl = https://myurl.com, QueryParameters = {\"queryA1\":\"value A1\",\"queryA2\":\"value A2\"}, Headers = {\"keyA1\":\"value A1\",\"keyA2\":\"value A2\"}, FormParameters = , Body = , Username = , Password = , Response = StatusCode = 200, Headers = {} RawBody = System.IO.MemoryStream";
90-
Assert.AreEqual(expected, context.ToString());
91-
}
92-
9365
[Test]
9466
public void JsonObject_String_Representation()
9567
{
@@ -124,5 +96,45 @@ public void JsonValue_String_Representation()
12496
var actualDeserialized = CoreHelper.JsonDeserialize<JsonValue>(expectedString);
12597
Assert.AreEqual(jsonValue.ToString(), actualDeserialized.ToString());
12698
}
99+
100+
[Test]
101+
public void AddHeaders_ShouldAddHeaders_WhenHeadersNotNull()
102+
{
103+
// Arrange
104+
var coreRequest = new HttpRequest(HttpMethod.Get, "https://myurl.com");
105+
var headersToAdd = new Dictionary<string, string>
106+
{
107+
{ "Content-Type", "application/json" },
108+
{ "Authorization", "Bearer token" }
109+
};
110+
111+
// Act
112+
var result = coreRequest.AddHeaders(headersToAdd);
113+
114+
// Assert
115+
Assert.AreEqual(2, result.Count);
116+
Assert.AreEqual("application/json", result["Content-Type"]);
117+
Assert.AreEqual("Bearer token", result["Authorization"]);
118+
}
119+
120+
[Test]
121+
public void AddQueryParameters_ShouldAddQueryParameters_WhenQueryParametersAreNotNull()
122+
{
123+
// Arrange
124+
var coreRequest = new HttpRequest(HttpMethod.Get, "https://myurl.com");
125+
var queryParametersToAdd = new Dictionary<string, object>
126+
{
127+
{ "search", "test" },
128+
{ "limit", 10 }
129+
};
130+
131+
// Act
132+
coreRequest.AddQueryParameters(queryParametersToAdd);
133+
134+
// Assert
135+
Assert.AreEqual(2, coreRequest.QueryParameters.Count);
136+
Assert.AreEqual("test", coreRequest.QueryParameters["search"]);
137+
Assert.AreEqual(10, coreRequest.QueryParameters["limit"]);
138+
}
127139
}
128140
}

APIMatic.Core/Types/Sdk/CoreContext.cs

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -31,11 +31,5 @@ public class CoreContext<Req, Res>
3131
public Res Response { get; }
3232

3333
internal bool IsFailure() => (Response.StatusCode < 200) || (Response.StatusCode > 208);
34-
35-
/// <inheritdoc/>
36-
public override string ToString()
37-
{
38-
return $" Request = {Request}, Response = {Response}";
39-
}
4034
}
4135
}

APIMatic.Core/Types/Sdk/CoreRequest.cs

Lines changed: 0 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -128,18 +128,5 @@ internal string GetContentType() => Headers?.Where(p => p.Key.EqualsIgnoreCase("
128128
/// otherwise, returns an empty string.
129129
/// </returns>
130130
internal string GetBodyAsString() => Body == null ? string.Empty : Body.ToString();
131-
132-
/// <inheritdoc/>
133-
public override string ToString()
134-
{
135-
return $" HttpMethod = {HttpMethod}, " +
136-
$" QueryUrl = {QueryUrl}, " +
137-
$" QueryParameters = {CoreHelper.JsonSerialize(QueryParameters)}, " +
138-
$" Headers = {CoreHelper.JsonSerialize(Headers)}, " +
139-
$" FormParameters = {CoreHelper.JsonSerialize(FormParameters)}, " +
140-
$" Body = {Body}, " +
141-
$" Username = {Username}, " +
142-
$" Password = {Password}";
143-
}
144131
}
145132
}

APIMatic.Core/Types/Sdk/CoreResponse.cs

Lines changed: 0 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -41,13 +41,5 @@ public CoreResponse(int statusCode, Dictionary<string, string> headers, Stream r
4141
/// Gets the raw string body of the http response.
4242
/// </summary>
4343
public string Body { get; }
44-
45-
/// <inheritdoc/>
46-
public override string ToString()
47-
{
48-
return $" StatusCode = {StatusCode}, " +
49-
$" Headers = {CoreHelper.JsonSerialize(Headers)}" +
50-
$" RawBody = {RawBody}";
51-
}
5244
}
5345
}

0 commit comments

Comments
 (0)