Moved HeaderOverrideHelper to Common

NWebsec · Mar 4, 2018 · b3c9f97 · b3c9f97
1 parent 9c856e0
commit b3c9f97
Show file tree

Hide file tree

Showing 36 changed files with 101 additions and 502 deletions.
diff --git a/src/NWebsec.AspNet.Mvc/Helpers/HeaderOverrideHelper.cs b/src/NWebsec.AspNet.Mvc/Helpers/HeaderOverrideHelper.cs
diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/CspHtmlHelpers.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/CspHtmlHelpers.cs
@@ -6,7 +6,6 @@
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using HttpContextWrapper = NWebsec.Core.Web.HttpContextWrapper;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspAttributeBase.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspAttributeBase.cs
@@ -6,7 +6,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp.Internals

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspBlockAllMixedContentAttributeBase.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspBlockAllMixedContentAttributeBase.cs
@@ -6,7 +6,6 @@
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp.Internals

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspDirectiveAttributeBase.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspDirectiveAttributeBase.cs
@@ -8,7 +8,6 @@
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp.Internals

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspPluginTypesAttributeBase.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspPluginTypesAttributeBase.cs
@@ -7,7 +7,6 @@
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp.Internals

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspReportUriAttributeBase.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspReportUriAttributeBase.cs
@@ -8,7 +8,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp.Internals

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspSandboxAttributeBase.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/Csp/Internals/CspSandboxAttributeBase.cs
@@ -6,7 +6,6 @@
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders.Csp.Internals

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/SetNoCacheHttpHeadersAttribute.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/SetNoCacheHttpHeadersAttribute.cs
@@ -6,7 +6,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/XContentTypeOptionsAttribute.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/XContentTypeOptionsAttribute.cs
@@ -6,7 +6,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/XDownloadOptionsAttribute.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/XDownloadOptionsAttribute.cs
@@ -6,7 +6,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/XFrameOptionsAttribute.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/XFrameOptionsAttribute.cs
@@ -7,7 +7,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/XRobotsTagAttribute.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/XRobotsTagAttribute.cs
@@ -6,7 +6,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders

diff --git a/src/NWebsec.AspNet.Mvc/HttpHeaders/XXssProtectionAttribute.cs b/src/NWebsec.AspNet.Mvc/HttpHeaders/XXssProtectionAttribute.cs
@@ -7,7 +7,6 @@
 using NWebsec.Core.Web;
 using NWebsec.Csp;
 using NWebsec.Mvc.Common.Helpers;
-using NWebsec.Mvc.Helpers;
 using NWebsec.Mvc.HttpHeaders.Internals;
 
 namespace NWebsec.Mvc.HttpHeaders

diff --git a/src/NWebsec.AspNetCore.Core/Helpers/CspReportHelper.cs b/src/NWebsec.AspNetCore.Core/Helpers/CspReportHelper.cs
@@ -0,0 +1,11 @@
+// Copyright (c) André N. Klingsheim. See License.txt in the project root for license information.
+
+using NWebsec.Core.Common.Csp;
+
+namespace NWebsec.AspNetCore.Core.Helpers
+{
+    public class CspReportHelper : ICspReportHelper
+    {
+        public string GetBuiltInCspReportHandlerRelativeUri() => "/cspreport";
+    }
+}
diff --git a/src/NWebsec.AspNetCore.Mvc.TagHelpers/CspMediaTypeTagHelper.cs b/src/NWebsec.AspNetCore.Mvc.TagHelpers/CspMediaTypeTagHelper.cs
@@ -4,8 +4,8 @@
 using Microsoft.AspNetCore.Mvc.Rendering;
 using Microsoft.AspNetCore.Mvc.ViewFeatures;
 using Microsoft.AspNetCore.Razor.TagHelpers;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.Core.Common.HttpHeaders.Configuration.Validation;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
@@ -25,7 +25,7 @@ public class CspMediaTypeTagHelper : TagHelper
         public CspMediaTypeTagHelper()
         {
             _cspConfigOverride = new CspConfigurationOverrideHelper();
-            _headerOverride = new HeaderOverrideHelper();
+            _headerOverride = new HeaderOverrideHelper(new CspReportHelper());
         }
 
         internal CspMediaTypeTagHelper(ICspConfigurationOverrideHelper overrideHelper,

diff --git a/src/NWebsec.AspNetCore.Mvc.TagHelpers/CspNonceTagHelper.cs b/src/NWebsec.AspNetCore.Mvc.TagHelpers/CspNonceTagHelper.cs
@@ -4,8 +4,8 @@
 using Microsoft.AspNetCore.Mvc.Rendering;
 using Microsoft.AspNetCore.Mvc.ViewFeatures;
 using Microsoft.AspNetCore.Razor.TagHelpers;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.Mvc.Common.Helpers;
 
 namespace NWebsec.AspNetCore.Mvc.TagHelpers
@@ -23,7 +23,7 @@ public class CspNonceTagHelper : TagHelper
         public CspNonceTagHelper()
         {
             _cspConfigOverride = new CspConfigurationOverrideHelper();
-            _headerOverride = new HeaderOverrideHelper();
+            _headerOverride = new HeaderOverrideHelper(new CspReportHelper());
         }
 
         internal CspNonceTagHelper(ICspConfigurationOverrideHelper overrideHelper,

diff --git a/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspAttributeBase.cs b/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspAttributeBase.cs
@@ -2,8 +2,8 @@
 
 using System;
 using Microsoft.AspNetCore.Mvc.Filters;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.AspNetCore.Mvc.Internals;
 using NWebsec.Core.Common.HttpHeaders.Configuration;
 using NWebsec.Mvc.Common.Helpers;
@@ -24,7 +24,7 @@ protected CspAttributeBase()
         {
             _config = new CspHeaderConfiguration { Enabled = true };
             _headerConfigurationOverrideHelper = new CspConfigurationOverrideHelper();
-            _headerOverrideHelper = new HeaderOverrideHelper();
+            _headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
         }
 
         internal sealed override string ContextKeyIdentifier => ReportOnly ? "CspReportOnly" : "Csp";

diff --git a/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspBlockAllMixedContentAttributeBase.cs b/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspBlockAllMixedContentAttributeBase.cs
@@ -2,8 +2,8 @@
 
 using System;
 using Microsoft.AspNetCore.Mvc.Filters;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.AspNetCore.Mvc.Internals;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
@@ -24,7 +24,7 @@ protected CspBlockAllMixedContentAttributeBase()
         {
             _directive = new CspMixedContentOverride { Enabled = true };
             _configurationOverrideHelper = new CspConfigurationOverrideHelper();
-            _headerOverrideHelper = new HeaderOverrideHelper();
+            _headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
         }
 
         internal sealed override string ContextKeyIdentifier => ReportOnly ? "CspReportOnly" : "Csp";

diff --git a/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspDirectiveAttributeBase.cs b/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspDirectiveAttributeBase.cs
@@ -3,9 +3,9 @@
 using System;
 using System.Linq;
 using Microsoft.AspNetCore.Mvc.Filters;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
 using NWebsec.Core.Common.HttpHeaders.Csp;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.AspNetCore.Mvc.Internals;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
@@ -31,7 +31,7 @@ protected CspDirectiveAttributeBase()
                 InheritOtherSources = true
             };
             _headerConfigurationOverrideHelper = new CspConfigurationOverrideHelper();
-            _headerOverrideHelper = new HeaderOverrideHelper();
+            _headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
         }
 
         internal sealed override string ContextKeyIdentifier => ReportOnly ? "CspReportOnly" : "Csp";

diff --git a/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspPluginTypesAttributeBase.cs b/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspPluginTypesAttributeBase.cs
@@ -2,9 +2,9 @@
 
 using System;
 using Microsoft.AspNetCore.Mvc.Filters;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
 using NWebsec.Core.Common.HttpHeaders.Configuration.Validation;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.AspNetCore.Mvc.Internals;
 using NWebsec.Mvc.Common.Csp;
 using NWebsec.Mvc.Common.Helpers;
@@ -26,7 +26,7 @@ protected CspPluginTypesAttributeBase(params string[] mediaTypes)
         {
             _directive = new CspPluginTypesOverride { Enabled = true, InheritMediaTypes = true };
             _configurationOverrideHelper = new CspConfigurationOverrideHelper();
-            _headerOverrideHelper = new HeaderOverrideHelper();
+            _headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
 
             if (mediaTypes.Length > 0)
             {

diff --git a/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspReportUriAttributeBase.cs b/src/NWebsec.AspNetCore.Mvc/Csp/Internals/CspReportUriAttributeBase.cs
@@ -3,10 +3,10 @@
 using System;
 using System.Collections.Generic;
 using Microsoft.AspNetCore.Mvc.Filters;
+using NWebsec.AspNetCore.Core.Helpers;
 using NWebsec.AspNetCore.Core.Web;
 using NWebsec.Core.Common.HttpHeaders.Configuration;
 using NWebsec.Core.Common.HttpHeaders.Csp;
-using NWebsec.AspNetCore.Mvc.Helpers;
 using NWebsec.AspNetCore.Mvc.Internals;
 using NWebsec.Mvc.Common.Helpers;
 
@@ -25,7 +25,7 @@ protected CspReportUriAttributeBase()
         {
             _directive = new CspReportUriDirectiveConfiguration { Enabled = true };
             _configurationOverrideHelper = new CspConfigurationOverrideHelper();
-            _headerOverrideHelper = new HeaderOverrideHelper();
+            _headerOverrideHelper = new HeaderOverrideHelper(new CspReportHelper());
         }
 
         internal sealed override string ContextKeyIdentifier => ReportOnly ? "CspReportOnly" : "Csp";