/// <summary>
/// Reports whether at least one of the directive option objects checked below
/// answers true to <c>Any()</c>.
/// </summary>
/// <returns>
/// <c>true</c> as soon as one directive reports a value; <c>false</c> when none do.
/// </returns>
/// <remarks>
/// NOTE(review): PluginTypes, the sandbox setting and ReportUri are not consulted
/// here, although ToString(ICspNonceService) can emit all three. If a caller uses
/// this result to decide whether the header is sent at all, a policy made up only
/// of those directives would be treated as empty - confirm against the caller.
/// </remarks>
private bool AnyValues()
{
    // Directives are checked in a fixed order and evaluation stops at the first hit.
    if (BaseUri.Any() || DefaultSrc.Any() || ScriptSrc.Any() || ObjectSrc.Any())
    {
        return true;
    }

    if (StyleSrc.Any() || ImgSrc.Any() || MediaSrc.Any() || FrameSrc.Any())
    {
        return true;
    }

    if (ChildSrc.Any() || FrameAncestors.Any() || FontSrc.Any())
    {
        return true;
    }

    return ConnectSrc.Any() || ManifestSrc.Any() || FormAction.Any();
}
/// <summary>
/// Serializes this policy into a header name / header value pair.
/// </summary>
/// <param name="nonceService">
/// Handed to every directive whose <c>ToString</c> accepts it; FrameAncestors,
/// PluginTypes and Sandbox are serialized without it.
/// </param>
/// <returns>
/// Item1 is the header name, Item2 is the header value: every non-empty directive
/// string joined with ';'.
/// </returns>
/// <remarks>
/// NOTE(review): BaseUri, FrameSrc and ManifestSrc are checked by AnyValues() but are
/// not serialized here, so values configured on them would not reach the header -
/// confirm whether that is intended.
/// NOTE(review): ReportUri is appended verbatim; a value containing ';' or a line
/// break would alter the emitted policy, so it should come from trusted
/// configuration only.
/// </remarks>
public Tuple<string, string> ToString(ICspNonceService nonceService)
{
    // With the Report-Only header name browsers report violations but do not block them.
    string headerName = ReportOnly
        ? "Content-Security-Policy-Report-Only"
        : "Content-Security-Policy";

    // Directives are serialized in this fixed order; empty ones are dropped at the end.
    List<string> directives = new List<string>();
    directives.Add(DefaultSrc.ToString(nonceService));
    directives.Add(ScriptSrc.ToString(nonceService));
    directives.Add(StyleSrc.ToString(nonceService));
    directives.Add(ChildSrc.ToString(nonceService));
    directives.Add(ConnectSrc.ToString(nonceService));
    directives.Add(FontSrc.ToString(nonceService));
    directives.Add(FormAction.ToString(nonceService));
    directives.Add(ImgSrc.ToString(nonceService));
    directives.Add(MediaSrc.ToString(nonceService));
    directives.Add(ObjectSrc.ToString(nonceService));
    directives.Add(FrameAncestors.ToString());
    directives.Add(PluginTypes.ToString());

    if (EnableSandbox)
    {
        directives.Add(Sandbox.ToString());
    }

    if (ReportUri != null)
    {
        directives.Add("report-uri " + ReportUri);
    }

    IEnumerable<string> nonEmpty = directives.Where(d => d.Length > 0);
    string headerValue = string.Join(";", nonEmpty);

    return new Tuple<string, string>(headerName, headerValue);
}
/// <summary>
/// Finds the sessions in <paramref name="SessionList"/> whose GET request URL equals
/// the URL of a script <c>src</c> value taken from the HTML of
/// <paramref name="MainLog"/>'s response.
/// </summary>
/// <param name="MainLog">Session whose response HTML supplies the script src values.</param>
/// <param name="SessionList">Candidate sessions to compare against each script URL.</param>
/// <param name="RefAssoType">Passed through unchanged to every association created.</param>
/// <returns>
/// One association per matching session; an empty list when <paramref name="MainLog"/>
/// has no response.
/// </returns>
/// <remarks>
/// The src values come from a logged response body, so malformed or relative values
/// are expected input here.
/// NOTE(review): the bare catch treats any exception from the first pass - including
/// one raised while iterating SessionList - as "the src is relative". Associations
/// added before the failure stay in the list and the relative pass then runs over
/// all sessions. An exception thrown by the fallback itself is not caught and ends
/// the whole method. Narrowing the catch needs the exception type that
/// <c>new Request(string)</c> throws, which is not visible here.
/// </remarks>
List<LogAssociation> FindScriptSourceAssociations(Session MainLog, List<Session> SessionList, RefererAssociationType RefAssoType)
{
    List<LogAssociation> Found = new List<LogAssociation>();
    if (MainLog.Response == null)
    {
        return Found;
    }

    foreach (string SrcValue in MainLog.Response.Html.GetDecodedValues("script", "src"))
    {
        try
        {
            // First pass: treat the src value as a complete URL.
            Request AbsoluteReq = new Request(SrcValue.Trim());
            foreach (Session Candidate in SessionList)
            {
                bool IsGet = Candidate.Request.Method.Equals("GET", StringComparison.OrdinalIgnoreCase);
                if (IsGet && Candidate.Request.FullUrl.Equals(AbsoluteReq.FullUrl) && Candidate.Response != null)
                {
                    // A 304 or a response flagged as JavaScript gives the stronger match level;
                    // anything else is recorded as a URL-only match.
                    Found.Add(new LogAssociation(
                        LogAssociationType.ExternalScript,
                        RefAssoType,
                        IronHtml.UrlInHtmlMatch.FullAbsolute,
                        (Candidate.Response.Code == 304 || Candidate.Response.IsJavaScript)
                            ? LogAssociationMatchLevel.UrlMatchAndResponseType
                            : LogAssociationMatchLevel.UrlMatchOnly,
                        MainLog,
                        Candidate));
                }
            }
        }
        catch
        {
            // Fallback: resolve the src value against the main request's URL and match again.
            Request ResolvedReq = new Request(MainLog.Request.RelativeUrlToAbsoluteUrl(SrcValue.Trim()));
            foreach (Session Candidate in SessionList)
            {
                bool IsGet = Candidate.Request.Method.Equals("GET", StringComparison.OrdinalIgnoreCase);
                if (IsGet && Candidate.Request.FullUrl.Equals(ResolvedReq.FullUrl) && Candidate.Response != null)
                {
                    Found.Add(new LogAssociation(
                        LogAssociationType.ExternalScript,
                        RefAssoType,
                        IronHtml.UrlInHtmlMatch.FullRelative,
                        (Candidate.Response.Code == 304 || Candidate.Response.IsJavaScript)
                            ? LogAssociationMatchLevel.UrlMatchAndResponseType
                            : LogAssociationMatchLevel.UrlMatchOnly,
                        MainLog,
                        Candidate));
                }
            }
        }
    }

    return Found;
}