Exemple #1
0
        protected virtual string GenerateHeaders()
        {
            const string preloadKeyword           = "preload";
            const string includeSubDomainsKeyWord = "includeSubDomains";

            var settings = _securityHeadersSiteContext.GetSettingItem(Templates.HttpStrictTransportPolicy.Id);

            if (settings == null)
            {
                return(string.Empty);
            }

            var           maxAge            = settings[Templates.HttpStrictTransportPolicy.Fields.MaxAge];
            CheckboxField includeSubDomains = settings.Fields[Templates.HttpStrictTransportPolicy.Fields.IncludeSubDomains];
            CheckboxField preload           = settings.Fields[Templates.HttpStrictTransportPolicy.Fields.IncludeSubDomains];

            var header = new StringBuilder();

            if (!string.IsNullOrWhiteSpace(maxAge))
            {
                header.Append($"max-age={maxAge}; ");
            }
            if (includeSubDomains.Checked)
            {
                header.Append($"{includeSubDomainsKeyWord}; ");
            }
            if (preload.Checked)
            {
                header.Append(preloadKeyword);
            }

            return(header.ToString().Trim());
        }
Exemple #2
0
        private string GenerateHeaders()
        {
            var settings = _securityHeadersSiteContext.GetSettingItem(Templates.XFrameOptions.Id);

            return(settings == null ?
                   string.Empty :
                   RenderEnumSetting(settings, Templates.XFrameOptions.Fields.Options));
        }
Exemple #3
0
        private string GenerateXssHeaders()
        {
            var xssSettings = _securityHeadersSiteContext.GetSettingItem(Templates.XssProtection.Id);

            if (xssSettings == null)
            {
                return(string.Empty);
            }

            CheckboxField enabled = xssSettings.Fields[Templates.XssProtection.Fields.Enabled];

            return(enabled.Checked ? "1; mode=block" : string.Empty);
        }
Exemple #4
0
        private string GenerateHeaders()
        {
            var settings = _securityHeadersSiteContext.GetSettingItem(Templates.XContentTypeOptions.Id);

            if (settings == null)
            {
                return(string.Empty);
            }

            CheckboxField enabled = settings.Fields[Templates.XContentTypeOptions.Fields.Enabled];

            return(enabled.Checked ? "nosniff" : string.Empty);
        }
Exemple #5
0
        private string GenerateHeaders()
        {
            var cspSettings = _securityHeadersSiteContext.GetSettingItem(Templates.ContentSecurityPolicy.Id);

            if (cspSettings == null)
            {
                return(string.Empty);
            }

            var header = new StringBuilder();

            var policies = cspSettings.Children.Where(child => child.TemplateID == Templates.Policy.Id);

            foreach (var policy in policies)
            {
                var source = RenderSetting(policy);
                if (!string.IsNullOrWhiteSpace(source))
                {
                    header.Append(source);
                }
            }

            return(header.ToString());
        }
Exemple #6
0
        private string GenerateHeaders()
        {
            var settings = _securityHeadersSiteContext.GetSettingItem(Templates.ReferrerPolicy.Id);

            return(settings == null ? string.Empty : RenderSetting(settings, Templates.ReferrerPolicy.Fields.Policy));
        }