public XXssMiddleware(AppFunc next, XXssProtectionOptions options) : base(next) { _config = options; var headerGenerator = new HeaderGenerator(); _headerResult = headerGenerator.CreateXXssProtectionResult(_config); }
public void EnabledAndBlockedByDefault_ResultIsCorrect() { var options = new XXssProtectionOptions(); Assert.True(options.EnableProtection); Assert.True(options.EnableAttackBlock); }
public void EnabledAndBlockedAreOffWhenSet_ResultIsCorrect() { var options = new XXssProtectionOptions(false, false); Assert.False(options.EnableProtection); Assert.False(options.EnableAttackBlock); }
public XXssMiddleware(RequestDelegate next, XXssProtectionOptions options) : base(next) { _config = options; var headerGenerator = new HeaderGenerator(); _headerResult = headerGenerator.CreateXXssProtectionResult(_config); }
/// <summary> /// Adds a middleware to the ASP.NET Core pipeline that sets the X-Xss-Protection header. /// </summary> /// <param name="app">The <see cref="IApplicationBuilder" /> to which the middleware is added.</param> /// <param name="configurer">An <see cref="Action" /> that configures the options for the middleware.</param> /// <returns>The <see cref="IApplicationBuilder" /> supplied in the app parameter.</returns> public static IApplicationBuilder UseXXssProtection(this IApplicationBuilder app, Action <IFluentXXssProtectionOptions> configurer) { if (app == null) { throw new ArgumentNullException(nameof(app)); } if (configurer == null) { throw new ArgumentNullException(nameof(configurer)); } var options = new XXssProtectionOptions(); configurer(options); return(app.UseMiddleware <XXssMiddleware>(options)); }
public XXSSProtectionMiddleware(XXssProtectionOptions options) { Options = options ?? throw new ArgumentNullException(nameof(options)); _headerValue = Options.ToString(); }
public static IServiceCollection AddXXSSProtection(this IServiceCollection services, XXssProtectionOptions options) { services.AddSingleton <XXSSProtectionMiddleware>(); services.AddSingleton(options); return(services); }
public XXssProtectionOptionsTests() { _options = new XXssProtectionOptions(); }
public XXSSProtectionMiddleware(RequestDelegate next, XXssProtectionOptions options) { _next = next; Options = options ?? throw new ArgumentNullException(nameof(options)); _headerValue = Options.ToString(); }
/// <summary> /// Adds the X-XSS-Protection header to each response with text/html media type. /// </summary> /// <param name="app"></param> /// <param name="options"></param> public static void UseXXSSProtection(this IApplicationBuilder app, XXssProtectionOptions options) { app.UseMiddleware <XXSSProtectionMiddleware>(options); }
public void Setup() { _options = new XXssProtectionOptions(); }