stop

2018-11-15 12:46:21 -05:00
parent 83949b45d1
commit 9c4db3c5cb
5 changed files with 17 additions and 1 deletions
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -14,7 +14,7 @@ build_script:
          dotnet pack src\HardHat\HardHat.csproj --configuration Release --output ..\..\output /p:Version=0.0.1-build-$env:APPVEYOR_BUILD_NUMBER
        }
 test_script:
- ps: dotnet test src\HardHat.UnitTests\HardHat.UnitTests.csproj
+- ps: dotnet test src\HardHat.UnitTests\HardHat.UnitTests.csproj /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
 artifacts:
 - path: output\**.nupkg
 deploy:
--- a/src/HardHat/Builders/ContentSecurityHeaderBuilder.cs
+++ b/src/HardHat/Builders/ContentSecurityHeaderBuilder.cs
@@ -13,6 +13,10 @@ namespace HardHat.Builders
            {
                throw new ArgumentNullException(nameof(policy));
            }
+            if(policy.DefaultSrc.Count > 0 && policy.DefaultSrc.Contains(CSPConstants.None))
+            {
+                //todo throw exception in this case
+            }
            if (policy.DefaultSrc != null && policy.DefaultSrc.Count > 0)
            {
                stringBuilder.Append(Constants.CSPDirectives.DefaultSrc);
@@ -91,6 +95,10 @@ namespace HardHat.Builders
                stringBuilder.Append(Constants.CSPDirectives.PluginTypes);
                stringBuilder.Append($" {string.Join(" ", policy.PluginTypes)}; ");
            }
+            if(policy.UpgradeInsecureResponse) 
+            {
+                stringBuilder.Append($"{Constants.CSPDirectives.UpgradeInsecureRequests}; ");
+            }
            return stringBuilder.ToString().TrimEnd();
        }
    }
--- a/src/HardHat/Constants.cs
+++ b/src/HardHat/Constants.cs
@@ -52,6 +52,7 @@
            internal const string FormAction = "form-action";
            internal const string FrameAncestors = "frame-ancestors";
            internal const string PluginTypes = "plugin-types";
+            internal const string UpgradeInsecureRequests = "upgrade-insecure-requests";
        }
    }
 }
--- a/src/HardHat/ContentSecurityPolicy.cs
+++ b/src/HardHat/ContentSecurityPolicy.cs
@@ -68,5 +68,7 @@ namespace HardHat
        /// </summary>
        public bool OnlySendReport { get; set;  } = false;

+        public bool UpgradeInsecureResponse { get; set; } = false;
+
    }
 }
--- a/src/HardHat/ContentSecurityPolicyBuilder.cs
+++ b/src/HardHat/ContentSecurityPolicyBuilder.cs
@@ -204,6 +204,11 @@ namespace HardHat
            Policy.Sandbox = sandboxOption ?? throw new ArgumentNullException(nameof(sandboxOption));
            return this;
        }
+        public ContentSecurityPolicyBuilder WithUpgradeInsecureResponse(bool enable = true) 
+        {
+            Policy.UpgradeInsecureResponse = enable;
+            return this;
+        }
        public ContentSecurityPolicy BuildPolicy() => Policy;

    }