test(content-negotiation): clients should not send media type parameters

jaredcnance · jaredcnance · commit 2dcceaf0f90a · 2017-02-18T16:32:29.000-06:00
diff --git a/src/JsonApiDotNetCore/Extensions/IApplicationBuilderExtensions.cs b/src/JsonApiDotNetCore/Extensions/IApplicationBuilderExtensions.cs
@@ -6,8 +6,25 @@ public static class IApplicationBuilderExtensions
     {
         public static IApplicationBuilder UseJsonApi(this IApplicationBuilder app)
         {
+            app.Use(async (context, next) =>
+            {
+                var contentType = context.Request.ContentType;
+                if (contentType != null)
+                {
+                    var contentTypeArr = contentType.Split(';');
+                    if (contentTypeArr[0] == "application/vnd.api+json" && contentTypeArr.Length == 2)
+                    {
+                        context.Response.StatusCode = 415;
+                        context.Response.Body.Flush();
+                        return;
+                    }
+                }
+
+                await next.Invoke();
+            });
+
             app.UseMvc();
-            
+
             return app;
         }
     }
diff --git a/test/JsonApiDotNetCoreExampleTests/IntegrationTests/Spec/ContentNegotiation.cs b/test/JsonApiDotNetCoreExampleTests/IntegrationTests/Spec/ContentNegotiation.cs
@@ -1,11 +1,17 @@
+using System;
+using System.Diagnostics.Contracts;
+using System.Globalization;
 using System.Net;
 using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Text;
 using System.Threading.Tasks;
 using DotNetCoreDocs;
 using DotNetCoreDocs.Models;
 using DotNetCoreDocs.Writers;
 using JsonApiDotNetCoreExample;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Mvc.Formatters.Internal;
 using Microsoft.AspNetCore.TestHost;
 using Xunit;
 
@@ -32,13 +38,36 @@ public async Task Server_Sends_Correct_ContentType_Header()
             var server = new TestServer(builder);
             var client = server.CreateClient();
             var request = new HttpRequestMessage(httpMethod, route);
-            
+
             // act
             var response = await client.SendAsync(request);
 
             // assert
             Assert.Equal(HttpStatusCode.OK, response.StatusCode);
             Assert.Equal("application/vnd.api+json", response.Content.Headers.ContentType.ToString());
         }
+
+        [Fact]
+        public async Task Server_Responds_415_With_MediaType_Parameters()
+        {
+            // arrange
+            var builder = new WebHostBuilder()
+                .UseStartup<Startup>();
+            var httpMethod = new HttpMethod("GET");
+            var route = "/api/v1/todo-items";
+            var description = new RequestProperties("Server responds with 415 if request contains media type parameters");
+            var server = new TestServer(builder);
+            var client = server.CreateClient();
+            var request = new HttpRequestMessage(httpMethod, route);
+            request.Content = new StringContent(string.Empty);
+            request.Content.Headers.ContentType = new MediaTypeHeaderValue("application/vnd.api+json");
+            request.Content.Headers.ContentType.CharSet="ISO-8859-4";
+
+            // act
+            var response = await client.SendAsync(request);
+
+            // assert
+            Assert.Equal(HttpStatusCode.UnsupportedMediaType, response.StatusCode);
+        }
     }
 }
