public void SetCspHeaders(IHttpContextWrapper context, bool reportOnly)
{
var cspConfig = _cspConfigurationOverrideHelper.GetCspConfigWithOverrides(context, reportOnly);
if (cspConfig == null)
{
return;
}
var oldConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly);
var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri(), oldConfig);
_headerResultHandler.HandleHeaderResult(context, header);
}
internal void SetCspHeaders(HttpContext context, bool reportOnly)
{
var cspConfig = _cspConfigurationOverrideHelper.GetCspConfigWithOverrides(context, reportOnly);
if (cspConfig == null)
{
return;
}
var oldConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly);
var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, null, oldConfig);
//TODO CSP reporting fun
//var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri(), oldConfig);
_headerResultHandler.HandleHeaderResult(context.Response, header);
}
internal void SetCspHeaders(HttpContextBase context, bool reportOnly)
{
var cspConfig = _cspConfigurationOverrideHelper.GetCspConfigWithOverrides(context, reportOnly);
if (cspConfig == null)
{
return;
}
var userAgent = context.Request.UserAgent;
if (!String.IsNullOrEmpty(userAgent) && userAgent.Contains(" Version/5") && userAgent.Contains(" Safari/"))
{
return;
}
var oldConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly);
var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri(), oldConfig);
_headerResultHandler.HandleHeaderResult(context.Response, header);
}
internal void SetCspHeaders(IHttpContextWrapper context, NWebsecContext nwebsecContext, bool reportOnly)
{
if (_handlerHelper.IsStaticContentHandler(context) ||
_handlerHelper.IsUnmanagedHandler(context))
{
return;
}
ICspConfiguration cspConfig;
if (reportOnly)
{
cspConfig = nwebsecContext.CspReportOnly = WebConfig.SecurityHttpHeaders.CspReportOnly;
}
else
{
cspConfig = nwebsecContext.Csp = WebConfig.SecurityHttpHeaders.Csp;
}
var result = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri());
_headerResultHandler.HandleHeaderResult(context, result);
}
