public void AddContentSecurityPolicy(IContentSecurityPolicy policy) { if (_contentSecurityEnforcers == null) { _contentSecurityEnforcers = new List <IContentSecurityPolicy>(); } _contentSecurityEnforcers.Add(policy); }
private void CreateReportCSP(IContentSecurityPolicy policy, HttpRequestArgs args) { if (policy != null) { var policyValue = policy.ToString(); BuildCSP(policyValue, ContentSecurityPolicyHeaderReportOnly, args); BuildCSP(policyValue, XContentSecurityPolicyHeaderReportOnly, args); } }
private IContentSecurityPolicy CreatePolicy(Item currentItem, string fieldId) { IContentSecurityPolicy policy = null; var cspField = (LookupField)currentItem.Fields[fieldId]; if (cspField != null) { var cspItem = cspField.TargetItem; policy = Map(cspItem); } return(policy); }
private void CreateXFrameOptions(IContentSecurityPolicy policy, HttpRequestArgs args) { if (policy != null) { if (policy.FrameAncestors != null) { CreateXFrameOptionsHeaderBasedOnPolicySource(policy.FrameAncestors, args); } // fall back to Default policy else if (policy.Default != null) { CreateXFrameOptionsHeaderBasedOnPolicySource(policy.Default, args); } // if nothing is set, default back to default setting: Sameorigin else { args.Context.Response.Headers.Add(XFrameOptionsHeader, "SAMEORIGIN"); } } }
public ContentSecurityPolicyCreater(IContentSecurityPolicy policy) { this._policy = policy; }