Merge pull request #18116 from abpframework/OrdinalIgnoreCase

Use `OrdinalIgnoreCase` to compare the urls.
2 years ago · 63660cbee0
4 changed files with 16 additions and 15 deletions
--- a/framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpAspNetCoreSignalRModule.cs
+++ b/framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpAspNetCoreSignalRModule.cs
@ -78,7 +78,7 @@ public class AbpAspNetCoreSignalRModule : AbpModule
        {
            foreach (var routePattern in routePatterns)
            {
-                options.IgnoredUrls.AddIfNotContains(x => routePattern.StartsWith(x), () => routePattern);
+                options.IgnoredUrls.AddIfNotContains(x => routePattern.StartsWith(x, StringComparison.OrdinalIgnoreCase), () => routePattern);
            }
        });

--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs
@ -100,12 +100,12 @@ public class AbpAuditingMiddleware : IMiddleware, ITransientDependency
        }

        if (!AuditingOptions.IsEnabledForIntegrationServices &&
-            context.Request.Path.Value.StartsWith($"/{AbpAspNetCoreConsts.DefaultIntegrationServiceApiPrefix}/"))
+            context.Request.Path.Value.StartsWith($"/{AbpAspNetCoreConsts.DefaultIntegrationServiceApiPrefix}/", StringComparison.OrdinalIgnoreCase))
        {
            return true;
        }

-        if (AspNetCoreAuditingOptions.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x)))
+        if (AspNetCoreAuditingOptions.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x, StringComparison.OrdinalIgnoreCase)))
        {
            return true;
        }
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs
@ -33,7 +33,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency

        var requestAcceptTypeHtml = context.Request.Headers["Accept"].Any(x =>
            x!.Contains("text/html") || x.Contains("*/*") || x.Contains("application/xhtml+xml"));
-            
+
        var endpoint = context.GetEndpoint();

        if (endpoint?.Metadata.GetMetadata<IgnoreAbpSecurityHeaderAttribute>() != null)
@ -42,11 +42,11 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
            return;
        }

-        if (!requestAcceptTypeHtml 
-            || !Options.Value.UseContentSecurityPolicyHeader 
-            || await AlwaysIgnoreContentTypes(context) 
+        if (!requestAcceptTypeHtml
+            || !Options.Value.UseContentSecurityPolicyHeader
+            || await AlwaysIgnoreContentTypes(context)
            || endpoint == null
-            || Options.Value.IgnoredScriptNoncePaths.Any(x => context.Request.Path.StartsWithSegments(x.EnsureStartsWith('/'))))
+            || Options.Value.IgnoredScriptNoncePaths.Any(x => context.Request.Path.StartsWithSegments(x.EnsureStartsWith('/'), StringComparison.OrdinalIgnoreCase)))
        {
            AddOtherHeaders(context);
            await next.Invoke(context);
@ -71,7 +71,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
            {
                return Task.CompletedTask;
            }
-            
+
            if (context.Response.StatusCode is < 200 or > 299)
            {
                return Task.CompletedTask;
@ -85,7 +85,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
        AddOtherHeaders(context);
        await next.Invoke(context);
    }
-    
+
    private async Task<bool> AlwaysIgnoreContentTypes(HttpContext context)
    {
        foreach (var selector in Options.Value.IgnoredScriptNonceSelectors)
@ -95,7 +95,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
                return true;
            }
        }
-        
+
        return false;
    }

@ -130,7 +130,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency
        var newScriptSrcValue = scriptSrcValue + nonceStr;
        return Options.Value.ContentSecurityPolicyValue!.Replace(scriptSrcValue!, newScriptSrcValue);
    }
-    
+

    protected virtual void AddHeader(HttpContext context, string key, string value, bool overrideIfExists = false)
    {
@ -142,4 +142,4 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency

        context.Response.Headers.AddIfNotContains(new KeyValuePair<string, StringValues>(key, value));
    }
-}
+}
--- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Uow/AbpUnitOfWorkMiddleware.cs
+++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Uow/AbpUnitOfWorkMiddleware.cs
@ -1,4 +1,5 @@
-using System.Linq;
+using System;
+using System.Linq;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Options;
@ -38,6 +39,6 @@ public class AbpUnitOfWorkMiddleware : IMiddleware, ITransientDependency
    private bool IsIgnoredUrl(HttpContext context)
    {
        return context.Request.Path.Value != null &&
-               _options.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x));
+               _options.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x, StringComparison.OrdinalIgnoreCase));
    }
 }