示例#1
0
        public override void Process(TagHelperContext context, TagHelperOutput output)
        {
            if (!UseCspNonce)
            {
                return;
            }

            var    httpContext = new HttpContextWrapper(ViewContext.HttpContext);
            string nonce;
            string contextMarkerKey;
            var    tag = output.TagName;

            if (tag == ScriptTag)
            {
                nonce            = _cspConfigOverride.GetCspScriptNonce(httpContext);
                contextMarkerKey = "NWebsecScriptNonceSet";
            }
            else if (tag == StyleTag)
            {
                nonce            = _cspConfigOverride.GetCspStyleNonce(httpContext);
                contextMarkerKey = "NWebsecStyleNonceSet";
            }
            else
            {
                throw new Exception($"Something went horribly wrong. You shouldn't be here for the tag {tag}.");
            }

            // First reference to a nonce, set header and mark that header has been set. We only need to set it once.
            if (httpContext.GetItem <string>(contextMarkerKey) == null)
            {
                httpContext.SetItem(contextMarkerKey, "set");
                _headerOverride.SetCspHeaders(httpContext, false);
                _headerOverride.SetCspHeaders(httpContext, true);
            }

            output.Attributes.Add(new TagHelperAttribute("nonce", nonce));
        }
示例#2
0
 public void GetItem_NoItem_ReturnsNull()
 {
     Assert.Null(_contextWrapper.GetItem <string>("unexistingitem"));
 }