public void SetItem_SetsItem()
{
_contextWrapper.SetItem("someItem", "MyValue");
Assert.Equal("MyValue", _httpContext.Items["someItem"]);
_contextWrapper.SetItem <string>("someItem", null);
Assert.Null(_httpContext.Items["someItem"]);
}
public override void Process(TagHelperContext context, TagHelperOutput output)
{
if (!UseCspNonce)
{
return;
}
var httpContext = new HttpContextWrapper(ViewContext.HttpContext);
string nonce;
string contextMarkerKey;
var tag = output.TagName;
if (tag == ScriptTag)
{
nonce = _cspConfigOverride.GetCspScriptNonce(httpContext);
contextMarkerKey = "NWebsecScriptNonceSet";
}
else if (tag == StyleTag)
{
nonce = _cspConfigOverride.GetCspStyleNonce(httpContext);
contextMarkerKey = "NWebsecStyleNonceSet";
}
else
{
throw new Exception($"Something went horribly wrong. You shouldn't be here for the tag {tag}.");
}
// First reference to a nonce, set header and mark that header has been set. We only need to set it once.
if (httpContext.GetItem <string>(contextMarkerKey) == null)
{
httpContext.SetItem(contextMarkerKey, "set");
_headerOverride.SetCspHeaders(httpContext, false);
_headerOverride.SetCspHeaders(httpContext, true);
}
output.Attributes.Add(new TagHelperAttribute("nonce", nonce));
}
