// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, DevSlopContext devSlopContext)
{
// generate ui for identity
app.UseStaticFiles();
app.UseAuthentication();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
app.UseHsts(hsts => hsts.MaxAge(365).IncludeSubdomains());
}
//Security headers make me happy
app.UseXContentTypeOptions();
app.UseReferrerPolicy(opts => opts.NoReferrer());
app.UseXXssProtection(options => options.EnabledWithBlockMode());
app.UseXfo(options => options.Deny());
/*app.UseCsp(opts => opts
* .BlockAllMixedContent()
* .StyleSources(s => s.Self())
* .StyleSources(s => s.UnsafeInline())
* .FontSources(s => s.Self())
* .FormActions(s => s.Self())
* .FrameAncestors(s => s.Self())
* .ImageSources(s => s.Self())
* .ScriptSources(s => s.Self())
* );*/
//End Security Headers
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
//devSlopContext.Database.Migrate();
}
public ScheduleRepository(DevSlopContext context)
{
_context = context;
}
