/// <summary> /// Adds the Frame-Options and X-Frame-Options headers to responses with content type text/html. /// </summary> /// <param name="app"></param> /// <param name="policy"></param> public static void UseFrameOptions(this IApplicationBuilder app, FrameOptionsPolicy policy = FrameOptionsPolicy.Deny) { if (policy == FrameOptionsPolicy.AllowFrom) { throw new ArgumentException("This overload can't be used to configure ALLOW-FROM policy.", nameof(policy)); } app.UseFrameOptions(new FrameOptionsOptions(policy)); }
public FrameOptionsDirective(FrameOptionsPolicy policy = FrameOptionsPolicy.Deny) { this.Policy = policy; }
public static IServiceCollection AddFrameOptions(this IServiceCollection services, FrameOptionsPolicy policy = FrameOptionsPolicy.Deny) { if (policy == FrameOptionsPolicy.AllowFrom) { throw new ArgumentException("This overload can't be used to configure ALLOW-FROM policy.", nameof(policy)); } return(services.AddFrameOptions(new FrameOptionsDirective(policy))); }
public FrameOptionsAttribute(FrameOptionsPolicy policy) { Policy = policy; }
public FrameOptionsOptions(FrameOptionsPolicy policy = FrameOptionsPolicy.Deny) { this.Policy = policy; }
public static void SetFrameOptions(this HttpContext context, FrameOptionsPolicy policy) { context.Items[nameof(FrameOptionsPolicy)] = policy; }