private SecurityHeadersPolicyBuilder WithCsp(bool reportOnly, ContentSecurityPolicyHeaderValue csp) { _policy.Csp = csp; _policy.IsCspReportOnly = reportOnly; return(this); }
public ContentSecurityPolicyInlineExecutionFeature(ContentSecurityPolicyHeaderValue csp, ConcurrentDictionary <string, string> hashesCache) { if (csp == null) { throw new ArgumentNullException(nameof(csp)); } _hashesCache = hashesCache ?? throw new ArgumentNullException(nameof(hashesCache)); ScriptInlineExecution = csp.ScriptInlineExecution; StyleInlineExecution = csp.StyleInlineExecution; if ((ScriptInlineExecution == ContentSecurityPolicyInlineExecution.Nonce) || (StyleInlineExecution == ContentSecurityPolicyInlineExecution.Nonce)) { Nonce = GenerateNonce(); } if (ScriptInlineExecution.IsHashBased()) { ScriptsHashes = new List <string>(); } if (StyleInlineExecution.IsHashBased()) { StylesHashes = new List <string>(); } }
/// <summary> /// Adds the Content Security Policy to the policy. /// </summary> /// <param name="csp">The Content Security Policy.</param> /// <returns>The current policy builder.</returns> public SecurityHeadersPolicyBuilder WithCsp(ContentSecurityPolicyHeaderValue csp) { return(WithCsp(false, csp)); }
/// <summary> /// Adds the report only Content Security Policy to the policy. /// </summary> /// <param name="csp">The Content Security Policy.</param> /// <returns>The current policy builder.</returns> public SecurityHeadersPolicyBuilder WithReportOnlyCsp(ContentSecurityPolicyHeaderValue csp) { return(WithCsp(true, csp)); }