simplify tests

tomasz-tylenda-sonarsource · tomasz-tylenda-sonarsource · commit 73e3df953d9b · 2025-11-25T17:50:46.000+01:00
diff --git a/sonar-xml-plugin/src/main/java/org/sonar/plugins/xml/checks/security/web/MimeNosniffCheck.java b/sonar-xml-plugin/src/main/java/org/sonar/plugins/xml/checks/security/web/MimeNosniffCheck.java
@@ -20,9 +20,11 @@
 import org.sonarsource.analyzer.commons.xml.XPathBuilder;
 import org.sonarsource.analyzer.commons.xml.XmlFile;
 import org.w3c.dom.Document;
+import org.w3c.dom.Element;
 import org.w3c.dom.NodeList;
 
 import javax.xml.xpath.XPathExpression;
+import java.util.Collections;
 
 /**
  * Ensure that the X-Content-Type-Options header is set to "nosniff" to prevent MIME type sniffing.
@@ -55,7 +57,10 @@ protected void scanWebConfig(XmlFile file) {
         .stream()
         .findFirst()
         .ifPresent(target ->
-          reportIssue(target, "Global <httpCookies> tag is missing or its 'httpOnlyCookies' attribute is not set to true."));
+          reportIssue(
+            XmlFile.nameLocation((Element) target),
+            "Global <httpCookies> tag is missing or its 'httpOnlyCookies' attribute is not set to true.",
+            Collections.emptyList()));
     }
   }
 }
diff --git a/sonar-xml-plugin/src/test/resources/checks/MimeNosniffCheck/webconfig-missing-nosniff/web.config b/sonar-xml-plugin/src/test/resources/checks/MimeNosniffCheck/webconfig-missing-nosniff/web.config
@@ -2,24 +2,11 @@
 <configuration>
   <system.webServer>
     <httpProtocol>
-      <customHeaders> <!-- Noncompliant -->
+      <customHeaders> <!-- Noncompliant {{Global <httpCookies> tag is missing or its 'httpOnlyCookies' attribute is not set to true.}} -->
+<!--   ^^^^^^^^^^^^^ -->
         <remove name="X-Powered-By" />
         <add name="X-Frame-Options" value="SAMEORIGIN" />
       </customHeaders>
     </httpProtocol>
   </system.webServer>
-  <location path="." inheritInChildApplications="false">
-    <system.webServer>
-      <handlers>
-        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2"
-          resourceType="Unspecified" />
-      </handlers>
-      <aspNetCore processPath="bin\Debug\net8.0\WebApp.exe" arguments="" stdoutLogEnabled="false"
-        hostingModel="InProcess">
-        <environmentVariables>
-          <environmentVariable name="ASPNETCORE_HTTPS_PORT" value="443" />
-        </environmentVariables>
-      </aspNetCore>
-    </system.webServer>
-  </location>
 </configuration>
diff --git a/sonar-xml-plugin/src/test/resources/checks/MimeNosniffCheck/webconfig-no-custom-headers/web.config b/sonar-xml-plugin/src/test/resources/checks/MimeNosniffCheck/webconfig-no-custom-headers/web.config
@@ -1,17 +1,4 @@
 <?xml version="1.0" encoding="utf-8"?>
-<configuration> <!-- Noncompliant -->
-  <location path="." inheritInChildApplications="false">
-    <system.webServer>
-      <handlers>
-        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2"
-          resourceType="Unspecified" />
-      </handlers>
-      <aspNetCore processPath="bin\Debug\net8.0\WebApp.exe" arguments="" stdoutLogEnabled="false"
-        hostingModel="InProcess">
-        <environmentVariables>
-          <environmentVariable name="ASPNETCORE_HTTPS_PORT" value="443" />
-        </environmentVariables>
-      </aspNetCore>
-    </system.webServer>
-  </location>
+<configuration> <!-- Noncompliant {{Global <httpCookies> tag is missing or its 'httpOnlyCookies' attribute is not set to true.}} -->
+<!-- ^[sc=2;ec=14] -->
 </configuration>
diff --git a/sonar-xml-plugin/src/test/resources/checks/MimeNosniffCheck/webconfig-other-value/web.config b/sonar-xml-plugin/src/test/resources/checks/MimeNosniffCheck/webconfig-other-value/web.config
@@ -2,23 +2,10 @@
 <configuration>
   <system.webServer>
     <httpProtocol>
-      <customHeaders> <!-- Noncompliant -->
+      <customHeaders> <!-- Noncompliant {{Global <httpCookies> tag is missing or its 'httpOnlyCookies' attribute is not set to true.}} -->
+<!--   ^^^^^^^^^^^^^ -->
         <add name="X-Content-Type-Options" value="yes"/>
       </customHeaders>
     </httpProtocol>
   </system.webServer>
-  <location path="." inheritInChildApplications="false">
-    <system.webServer>
-      <handlers>
-        <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2"
-          resourceType="Unspecified" />
-      </handlers>
-      <aspNetCore processPath="bin\Debug\net8.0\WebApp.exe" arguments="" stdoutLogEnabled="false"
-        hostingModel="InProcess">
-        <environmentVariables>
-          <environmentVariable name="ASPNETCORE_HTTPS_PORT" value="443" />
-        </environmentVariables>
-      </aspNetCore>
-    </system.webServer>
-  </location>
 </configuration>
