public void SetCspHeaders(IHttpContextWrapper context, bool reportOnly) { var cspConfig = _cspConfigurationOverrideHelper.GetCspConfigWithOverrides(context, reportOnly); if (cspConfig == null) { return; } var oldConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly); var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri(), oldConfig); _headerResultHandler.HandleHeaderResult(context, header); }
internal void SetCspHeaders(HttpContext context, bool reportOnly) { var cspConfig = _cspConfigurationOverrideHelper.GetCspConfigWithOverrides(context, reportOnly); if (cspConfig == null) { return; } var oldConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly); var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, null, oldConfig); //TODO CSP reporting fun //var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri(), oldConfig); _headerResultHandler.HandleHeaderResult(context.Response, header); }
internal void SetCspHeaders(HttpContextBase context, bool reportOnly) { var cspConfig = _cspConfigurationOverrideHelper.GetCspConfigWithOverrides(context, reportOnly); if (cspConfig == null) { return; } var userAgent = context.Request.UserAgent; if (!String.IsNullOrEmpty(userAgent) && userAgent.Contains(" Version/5") && userAgent.Contains(" Safari/")) { return; } var oldConfig = _contextConfigurationHelper.GetCspConfiguration(context, reportOnly); var header = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri(), oldConfig); _headerResultHandler.HandleHeaderResult(context.Response, header); }
internal void SetCspHeaders(IHttpContextWrapper context, NWebsecContext nwebsecContext, bool reportOnly) { if (_handlerHelper.IsStaticContentHandler(context) || _handlerHelper.IsUnmanagedHandler(context)) { return; } ICspConfiguration cspConfig; if (reportOnly) { cspConfig = nwebsecContext.CspReportOnly = WebConfig.SecurityHttpHeaders.CspReportOnly; } else { cspConfig = nwebsecContext.Csp = WebConfig.SecurityHttpHeaders.Csp; } var result = _headerGenerator.CreateCspResult(cspConfig, reportOnly, _reportHelper.GetBuiltInCspReportHandlerRelativeUri()); _headerResultHandler.HandleHeaderResult(context, result); }