public static HttpClient CreateClient(XssProtectionOption option)
 {
     return(TestServer.Create(app => {
         app.UseOwin().XssProtectionHeader(option);
         app.Run(async context => await context.Response.WriteAsync("All fine"));
     }).HttpClient);
 }
 private static string GetHeaderValue(XssProtectionOption option)
 {
     switch (option) {
         case XssProtectionOption.EnabledWithModeBlock:
             return "1; mode=block";
         case XssProtectionOption.Enabled:
             return "1";
         case XssProtectionOption.Disabled:
             return "0";
         default:
             throw new ArgumentOutOfRangeException(nameof(option));
     }
 }
        public static Func<Func<IDictionary<string, object>, Task>, Func<IDictionary<string, object>, Task>> XssProtectionHeader(XssProtectionOption option)
        {
            return
                next =>
                    env => {
                        var response = env.AsContext().Response;
                        response
                            .OnSendingHeaders(resp => {

                                ((IOwinResponse)resp).Headers[HeaderConstants.XssProtection] = GetHeaderValue(option);
                            }, response);
                        return next(env);
                    };
        }
        private static string GetHeaderValue(XssProtectionOption option)
        {
            switch (option)
            {
            case XssProtectionOption.EnabledWithModeBlock:
                return("1; mode=block");

            case XssProtectionOption.Enabled:
                return("1");

            case XssProtectionOption.Disabled:
                return("0");

            default:
                throw new ArgumentOutOfRangeException(nameof(option));
            }
        }
 /// <summary>
 /// Adds the "X-Xss-Protection" header to the response.
 /// </summary>
 /// <param name="builder">The OWIN builder instance.</param>
 /// <param name="option">The Xss-Protection options.</param>
 /// <returns>The OWIN builder instance.</returns>
 public static BuildFunc XssProtectionHeader(this BuildFunc builder, XssProtectionOption option)
 {
     builder(_ => XssProtectionHeaderMiddleware.XssProtectionHeader(option));
     return(builder);
 }
 /// <summary>
 /// Adds the "X-Xss-Protection" header to the response.
 /// </summary>
 /// <param name="builder">The OWIN builder instance.</param>
 /// <param name="option">The Xss-Protection options.</param>
 /// <returns>The OWIN builder instance.</returns>
 public static BuildFunc XssProtectionHeader(this BuildFunc builder, XssProtectionOption option)
 {
     builder(_ => XssProtectionHeaderMiddleware.XssProtectionHeader(option));
     return builder;
 }
 public static Func <Func <IDictionary <string, object>, Task>, Func <IDictionary <string, object>, Task> > XssProtectionHeader(XssProtectionOption option)
 {
     return
         (next =>
          env => {
         var response = env.AsContext().Response;
         response
         .OnSendingHeaders(resp => {
             ((IOwinResponse)resp).Headers[HeaderConstants.XssProtection] = GetHeaderValue(option);
         }, response);
         return next(env);
     });
 }
 public static HttpClient CreateClient(XssProtectionOption option) {
     return TestServer.Create(app => {
         app.UseOwin().XssProtectionHeader(option);
         app.Run(async context => await context.Response.WriteAsync("All fine"));
     }).HttpClient;
 }