public HeaderResult CreateXXssProtectionResult(IXXssProtectionConfiguration xXssProtectionConfig, IXXssProtectionConfiguration oldXXssProtectionConfig = null) { if (oldXXssProtectionConfig != null && oldXXssProtectionConfig.Policy != XXssPolicy.Disabled && xXssProtectionConfig.Policy == XXssPolicy.Disabled) { return(new HeaderResult(HeaderResult.ResponseAction.Remove, HeaderConstants.XXssProtectionHeader)); } string value; switch (xXssProtectionConfig.Policy) { case XXssPolicy.Disabled: return(null); case XXssPolicy.FilterDisabled: value = "0"; break; case XXssPolicy.FilterEnabled: value = (xXssProtectionConfig.BlockMode ? "1; mode=block" : "1"); break; default: throw new NotImplementedException("Somebody apparently forgot to implement support for: " + xXssProtectionConfig.Policy); } return(new HeaderResult(HeaderResult.ResponseAction.Set, HeaderConstants.XXssProtectionHeader, value)); }
public XXssMiddleware(AppFunc next, XXssProtectionOptions options) : base(next) { _config = options; var headerGenerator = new HeaderGenerator(); _headerResult = headerGenerator.CreateXXssProtectionResult(_config); }
public XXssMiddleware(RequestDelegate next, XXssProtectionOptions options) : base(next) { _config = options; var headerGenerator = new HeaderGenerator(); _headerResult = headerGenerator.CreateXXssProtectionResult(_config); }
internal void SetXXssProtectionOverride(HttpContext context, IXXssProtectionConfiguration xXssProtectionConfig) { var headerList = GetHeaderListFromContext(context); var headerKey = HeaderConstants.XXssProtectionHeader; if (headerList.ContainsKey(headerKey)) { headerList.Remove(headerKey); } headerList.Add(headerKey, xXssProtectionConfig); }
public HeaderResult CreateXXssProtectionResult(IXXssProtectionConfiguration xXssProtectionConfig, IXXssProtectionConfiguration oldXXssProtectionConfig = null) { if (oldXXssProtectionConfig != null && oldXXssProtectionConfig.Policy != XXssPolicy.Disabled && xXssProtectionConfig.Policy == XXssPolicy.Disabled) { return new HeaderResult(HeaderResult.ResponseAction.Remove, HeaderConstants.XXssProtectionHeader); } string value; switch (xXssProtectionConfig.Policy) { case XXssPolicy.Disabled: return null; case XXssPolicy.FilterDisabled: value = "0"; break; case XXssPolicy.FilterEnabled: value = (xXssProtectionConfig.BlockMode ? "1; mode=block" : "1"); break; default: throw new NotImplementedException("Somebody apparently forgot to implement support for: " + xXssProtectionConfig.Policy); } return new HeaderResult(HeaderResult.ResponseAction.Set, HeaderConstants.XXssProtectionHeader, value); }
internal void SetXXssProtectionOverride(HttpContextBase context, IXXssProtectionConfiguration xXssProtectionConfig) { var headerList = GetHeaderListFromContext(context); var headerKey = HeaderConstants.XXssProtectionHeader; if (headerList.ContainsKey(headerKey)) headerList.Remove(headerKey); headerList.Add(headerKey, xXssProtectionConfig); }
internal void SetXXssProtectionOverride(IHttpContextWrapper context, IXXssProtectionConfiguration xXssProtectionConfig) { context.GetNWebsecOverrideContext().XXssProtection = xXssProtectionConfig; }