mirror of https://github.com/abpframework/abp.git
Salih
3 years ago
2 changed files with 27 additions and 6 deletions
@ -1,20 +1,18 @@ |
|||
using Microsoft.AspNetCore.Mvc.Rendering; |
|||
using Microsoft.AspNetCore.Mvc.ViewFeatures; |
|||
using Microsoft.AspNetCore.Razor.TagHelpers; |
|||
using Volo.Abp.AspNetCore.Mvc.UI.Bootstrap.TagHelpers; |
|||
|
|||
namespace Volo.Abp.AspNetCore.Mvc.UI.Bootstrap.TagHelpers.Script; |
|||
namespace Volo.Abp.AspNetCore.Mvc.UI.Bundling.TagHelpers; |
|||
|
|||
|
|||
[HtmlTargetElement("script", Attributes = "abp-nonce")] |
|||
public class AbpNonceTagHelper : AbpTagHelper |
|||
[HtmlTargetElement("script")] |
|||
public class AbpNonceScriptTagHelper : AbpTagHelper |
|||
{ |
|||
[HtmlAttributeNotBound] |
|||
[ViewContext] |
|||
public ViewContext ViewContext { get; set; } |
|||
|
|||
public override void Process(TagHelperContext context, TagHelperOutput output) |
|||
{ |
|||
output.Attributes.RemoveAll("abp-nonce"); |
|||
if (ViewContext.HttpContext.Items.TryGetValue(AbpAspNetCoreConsts.ScriptNonceKey, out var nonce) && nonce is string nonceString && !string.IsNullOrEmpty(nonceString)) |
|||
{ |
|||
output.Attributes.Add("nonce", nonceString); |
|||
@ -0,0 +1,23 @@ |
|||
using Microsoft.AspNetCore.Html; |
|||
using Microsoft.AspNetCore.Mvc.Rendering; |
|||
|
|||
namespace Volo.Abp.AspNetCore.Security; |
|||
|
|||
public static class AbpSecurityHeaderNonceHelper |
|||
{ |
|||
public static string GetScriptNonce(this IHtmlHelper htmlHelper) |
|||
{ |
|||
if (htmlHelper.ViewContext.HttpContext.Items.TryGetValue(AbpAspNetCoreConsts.ScriptNonceKey, out var nonce) && nonce is string nonceString && !string.IsNullOrEmpty(nonceString)) |
|||
{ |
|||
return nonceString; |
|||
} |
|||
|
|||
return string.Empty; |
|||
} |
|||
|
|||
public static string GetScriptNonceAttribute(this IHtmlHelper htmlHelper) |
|||
{ |
|||
var nonce = htmlHelper.GetScriptNonce(); |
|||
return string.IsNullOrEmpty(nonce) ? string.Empty : $"nonce=\"{nonce}\""; |
|||
} |
|||
} |
|||
Loading…
Reference in new issue