Refactoring

3 years ago · 41b254dbda
3 changed files with 5 additions and 7 deletions
--- a/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Bundling/Volo/Abp/AspNetCore/Mvc/UI/Bundling/TagHelpers/AbpTagHelperStyleService.cs
+++ b/framework/src/Volo.Abp.AspNetCore.Mvc.UI.Bundling/Volo/Abp/AspNetCore/Mvc/UI/Bundling/TagHelpers/AbpTagHelperStyleService.cs
@ -14,7 +14,7 @@ namespace Volo.Abp.AspNetCore.Mvc.UI.Bundling.TagHelpers;

 public class AbpTagHelperStyleService : AbpTagHelperResourceService
 {
-    private readonly IOptions<AbpSecurityHeadersOptions> _securityHeadersOptions;
+    protected AbpSecurityHeadersOptions SecurityHeadersOptions;
    public AbpTagHelperStyleService(
        IBundleManager bundleManager,
        IOptions<AbpBundlingOptions> options,
@ -24,7 +24,7 @@ public class AbpTagHelperStyleService : AbpTagHelperResourceService
            options,
            hostingEnvironment)
    {
-        _securityHeadersOptions = securityHeadersOptions;
+        SecurityHeadersOptions = securityHeadersOptions.Value;
    }

    protected override void CreateBundle(string bundleName, List<BundleTagHelperItem> bundleItems)
@ -52,7 +52,7 @@ public class AbpTagHelperStyleService : AbpTagHelperResourceService

        if (preload || Options.PreloadStylesByDefault || Options.PreloadStyles.Any(x => file.StartsWith(x, StringComparison.OrdinalIgnoreCase)))
        {
-            output.Content.AppendHtml(_securityHeadersOptions.Value.UseContentSecurityPolicyNonce
+            output.Content.AppendHtml(SecurityHeadersOptions.UseContentSecurityPolicyNonce
                ? $"<link rel=\"preload\" href=\"{viewContext.GetUrlHelper().Content(file.EnsureStartsWith('~'))}\" as=\"style\" abp-csp-style />{Environment.NewLine}"
                : $"<link rel=\"preload\" href=\"{viewContext.GetUrlHelper().Content(file.EnsureStartsWith('~'))}\" as=\"style\" onload=\"this.rel='stylesheet'\" />{Environment.NewLine}");
        }
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
@ -54,7 +54,6 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency

        context.Response.OnStarting(() =>
        {
-            // is response already have CSP header?
            if (context.Response.Headers.ContainsKey("Content-Security-Policy"))
            {
                return Task.CompletedTask;
@ -64,8 +63,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
            {
                return Task.CompletedTask;
            }
-
-            // is response successfully?
+            
            if (context.Response.StatusCode is < 200 or > 299)
            {
                return Task.CompletedTask;
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersOptions.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersOptions.cs
@ -11,7 +11,7 @@ public class AbpSecurityHeadersOptions
    
    public bool UseContentSecurityPolicyNonce { get; set; }

-    public Dictionary<string,IEnumerable<string>> ContentSecurityPolicyValues { get; }
+    public Dictionary<string, IEnumerable<string>> ContentSecurityPolicyValues { get; }

    public Dictionary<string, string> Headers { get; }