protected virtual void Dispose(bool disposing) { if (!disposing) { return; } if (_context == null) { return; } _context.Dispose(); _context = null; }
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. public void Configure(IApplicationBuilder app, IHostingEnvironment env, PABUserContext pabUserContext) { var https = Convert.ToBoolean(_configuration["Https:RequireHttpsMetadata"]); if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseWebApiExceptionHandler(); } app.UseForwardedHeaders(new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto }); //browser will force user to https even if user removes the (s). //HTTP Strict Transport Security (HSTS) //if (https) //{ // app.UseHsts(options => options.MaxAge(365).IncludeSubdomains()); //} //X-Content-Type-Options app.UseXContentTypeOptions(); app.UseReferrerPolicy(opts => opts.NoReferrer()); /* Uncomment later */ //redirects to https or secure port //var options = new RewriteOptions() // .AddRedirectToHttps(StatusCodes.Status301MovedPermanently, 63423); //app.UseRewriter(options); MigrateInMemoryDataToSqlServer(app); // for Content-Security-Policy //app.UseCsp(opts => opts // .BlockAllMixedContent() // .StyleSources(s => s.Self()) // .StyleSources(s => s.UnsafeInline()) // .FontSources(s => s.Self()) // .FormActions(s => s.Self()) // .FrameAncestors(s => s.Self()) // .ImageSources(s => s.Self()) // .ScriptSources(s => s.Self()) //); app.Use(async(context, next) => { context.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN"); await next(); }); app.UseStatusCodePages(); pabUserContext.Database.Migrate(); app.UseIdentityServer(); app.UseStaticFiles(); //X-XSS-Protection app.UseXXssProtection(options => options.EnabledWithBlockMode()); app.UseXfo(xfo => xfo.Deny()); app.UseMvcWithDefaultRoute(); }
public PABUserRepository(PABUserContext context) { _context = context; }