public static Response UpdateHeader(Response response, ResponseFrameOptionsType type, string domain = "") { switch (type) { case ResponseFrameOptionsType.DENY: { return(response.WithHeader(FrameOptionsConstants.XFrameOptions, FrameOptionsConstants.DenyFrames)); } case ResponseFrameOptionsType.SAMEORIGIN: { return(response.WithHeader(FrameOptionsConstants.XFrameOptions, FrameOptionsConstants.SameOriginFrames)); } case ResponseFrameOptionsType.ALLOWFROM when !string.IsNullOrWhiteSpace(domain): { return(response.WithHeader(FrameOptionsConstants.XFrameOptions, $"{FrameOptionsConstants.AllowFrom} {domain}")); } default: { return(response.WithHeader(FrameOptionsConstants.XFrameOptions, FrameOptionsConstants.DenyFrames)); } } }
public static void UpdateHeader(HttpResponse response, ResponseFrameOptionsType type, string domain) { switch (type) { case ResponseFrameOptionsType.DENY: { response.AppendHeader(FrameOptionsConstants.XFrameOptions, FrameOptionsConstants.DenyFrames); break; } case ResponseFrameOptionsType.SAMEORIGIN: { response.AppendHeader(FrameOptionsConstants.XFrameOptions, FrameOptionsConstants.SameOriginFrames); break; } case ResponseFrameOptionsType.ALLOWFROM when !string.IsNullOrWhiteSpace(domain): { response.AppendHeader(FrameOptionsConstants.XFrameOptions, $"{FrameOptionsConstants.AllowFrom} {domain}"); break; } default: { response.AppendHeader(FrameOptionsConstants.XFrameOptions, FrameOptionsConstants.DenyFrames); break; } } }
/// <summary> /// Add a head to the response /// </summary> /// <param name="response"></param> /// <param name="type"></param> /// <param name="domain"></param> /// <returns></returns> public static Response WithResponseFrameOptions(this Response response, ResponseFrameOptionsType type, string domain) { if (response == null) { throw new ArgumentNullException(nameof(response)); } return(Internal.ResponseHelper.UpdateHeader(response, type, domain)); }
/// <summary> /// Use Response XFrame-Options Pipelines /// </summary> /// <param name="pipelines"></param> /// <param name="type"></param> /// <param name="domain"></param> public static IPipelines UseResponseFrameOptions(this IPipelines pipelines, ResponseFrameOptionsType type, string domain) { if (pipelines == null) { throw new ArgumentNullException(nameof(pipelines)); } pipelines.AfterRequest.AddItemToEndOfPipeline(ctx => Internal.ResponseHelper.UpdateHeader(ctx, type, domain)); return(pipelines); }
/// <summary> /// Response XFrame-Options Middleware /// </summary> /// <param name="next"></param> /// <param name="type"></param> /// <param name="domain"></param> public ResponseFrameOptionsMiddleware(RequestDelegate next, ResponseFrameOptionsType type, string domain) { _next = next ?? throw new ArgumentNullException(nameof(next)); _type = type; _domain = domain; }
/// <summary> /// 全局使用 XFrame-Options /// </summary> /// <param name="filters"></param> /// <param name="type"></param> /// <param name="domain"></param> /// <returns></returns> public static GlobalFilterCollection AddResponseFrameOptionsFilter(this GlobalFilterCollection filters, ResponseFrameOptionsType type, string domain) { if (filters == null) { throw new ArgumentNullException(nameof(filters)); } filters.Add(new FrameOptionsAttribute { Domain = domain, FrameOptions = type }); return(filters); }
/// <summary> /// 全局使用 XFrame-Options /// </summary> /// <param name="filters"></param> /// <param name="type"></param> /// <returns></returns> public static GlobalFilterCollection AddResponseFrameOptionsFilter(this GlobalFilterCollection filters, ResponseFrameOptionsType type) { return(AddResponseFrameOptionsFilter(filters, type, string.Empty)); }
public static void UpdateHeader(NancyContext context, ResponseFrameOptionsType type, string domain = "") { UpdateHeader(context.Response, type, domain); }
/// <summary> /// Use Response XFrame-Options Middleware /// </summary> /// <param name="app"></param> /// <param name="type"></param> /// <param name="domain"></param> /// <returns></returns> public static IApplicationBuilder UseResponseFrameOptions(this IApplicationBuilder app, ResponseFrameOptionsType type, string domain) { if (app == null) { throw new ArgumentNullException(nameof(app)); } return(app.UseMiddleware <ResponseFrameOptionsMiddleware>(type, domain)); }
/// <summary> /// Use Response XFrame-Options Middleware /// </summary> /// <param name="app"></param> /// <param name="type"></param> /// <returns></returns> public static IApplicationBuilder UseResponseFrameOptions(this IApplicationBuilder app, ResponseFrameOptionsType type) { return(app.UseResponseFrameOptions(type, string.Empty)); }
/// <summary> /// Add a head to the response /// </summary> /// <param name="response"></param> /// <param name="type"></param> /// <returns></returns> public static Response WithResponseFrameOptions(this Response response, ResponseFrameOptionsType type) { return(WithResponseFrameOptions(response, type, string.Empty)); }
/// <summary> /// Use Response XFrame-Options Pipelines /// </summary> /// <param name="pipelines"></param> /// <param name="type"></param> /// <returns></returns> public static AfterPipeline UseResponseFrameOptions(this AfterPipeline pipelines, ResponseFrameOptionsType type) { return(UseResponseFrameOptions(pipelines, type, string.Empty)); }