private bool AnyValues()
 {
     return(BaseUri.Any() || DefaultSrc.Any() || ScriptSrc.Any() || ObjectSrc.Any() ||
            StyleSrc.Any() || ImgSrc.Any() || MediaSrc.Any() || FrameSrc.Any() ||
            ChildSrc.Any() || FrameAncestors.Any() || FontSrc.Any() || ConnectSrc.Any() ||
            ManifestSrc.Any() || FormAction.Any());
 }
        public Tuple <string, string> ToString(ICspNonceService nonceService)
        {
            string headerName;

            if (ReportOnly)
            {
                headerName = "Content-Security-Policy-Report-Only";
            }
            else
            {
                headerName = "Content-Security-Policy";
            }
            ICollection <string> values = new List <string>
            {
                DefaultSrc.ToString(nonceService),
                ScriptSrc.ToString(nonceService),
                StyleSrc.ToString(nonceService),
                ChildSrc.ToString(nonceService),
                ConnectSrc.ToString(nonceService),
                FontSrc.ToString(nonceService),
                FormAction.ToString(nonceService),
                ImgSrc.ToString(nonceService),
                MediaSrc.ToString(nonceService),
                ObjectSrc.ToString(nonceService),
                FrameAncestors.ToString(),
                PluginTypes.ToString()
            };

            if (EnableSandbox)
            {
                values.Add(Sandbox.ToString());
            }
            if (ReportUri != null)
            {
                values.Add("report-uri " + ReportUri);
            }

            string headerValue = string.Join(";", values.Where(s => s.Length > 0));

            return(new Tuple <string, string>(headerName, headerValue));
        }
Пример #3
0
        List <LogAssociation> FindScriptSourceAssociations(Session MainLog, List <Session> SessionList, RefererAssociationType RefAssoType)
        {
            List <LogAssociation> Associations = new List <LogAssociation>();

            if (MainLog.Response == null)
            {
                return(Associations);
            }

            //Match script urls with absolute match and response content type match
            foreach (string ScriptSrc in MainLog.Response.Html.GetDecodedValues("script", "src"))
            {
                try
                {
                    Request ScriptReq = new Request(ScriptSrc.Trim());
                    foreach (Session Sess in SessionList)
                    {
                        if (!Sess.Request.Method.Equals("GET", StringComparison.OrdinalIgnoreCase))
                        {
                            continue;
                        }
                        if (Sess.Request.FullUrl.Equals(ScriptReq.FullUrl) && Sess.Response != null)// && Sess.Response.Code == 304 || Sess.Response.IsJavaScript)
                        {
                            if (Sess.Response.Code == 304 || Sess.Response.IsJavaScript)
                            {
                                LogAssociation LogAsso = new LogAssociation(LogAssociationType.ExternalScript, RefAssoType, IronHtml.UrlInHtmlMatch.FullAbsolute, LogAssociationMatchLevel.UrlMatchAndResponseType, MainLog, Sess);
                                Associations.Add(LogAsso);
                            }
                            else
                            {
                                LogAssociation LogAsso = new LogAssociation(LogAssociationType.ExternalScript, RefAssoType, IronHtml.UrlInHtmlMatch.FullAbsolute, LogAssociationMatchLevel.UrlMatchOnly, MainLog, Sess);
                                Associations.Add(LogAsso);
                            }
                        }
                    }
                }
                catch
                {
                    Request ScriptReq = new Request(MainLog.Request.RelativeUrlToAbsoluteUrl(ScriptSrc.Trim()));
                    foreach (Session Sess in SessionList)
                    {
                        if (!Sess.Request.Method.Equals("GET", StringComparison.OrdinalIgnoreCase))
                        {
                            continue;
                        }
                        if (Sess.Request.FullUrl.Equals(ScriptReq.FullUrl) && Sess.Response != null)// && Sess.Response.Code == 304 || Sess.Response.IsJavaScript)
                        {
                            if (Sess.Response.Code == 304 || Sess.Response.IsJavaScript)
                            {
                                LogAssociation LogAsso = new LogAssociation(LogAssociationType.ExternalScript, RefAssoType, IronHtml.UrlInHtmlMatch.FullRelative, LogAssociationMatchLevel.UrlMatchAndResponseType, MainLog, Sess);
                                Associations.Add(LogAsso);
                            }
                            else
                            {
                                LogAssociation LogAsso = new LogAssociation(LogAssociationType.ExternalScript, RefAssoType, IronHtml.UrlInHtmlMatch.FullRelative, LogAssociationMatchLevel.UrlMatchOnly, MainLog, Sess);
                                Associations.Add(LogAsso);
                            }
                        }
                    }
                }
            }
            return(Associations);
        }