Class ContentSecurityPolicyConfiguration

Inheritance
System.Object
ContentSecurityPolicyConfiguration
Implements
Inherited Members
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.ToString()
Namespace: WaCore.Web.Middleware.SecureHeaders.Models
Assembly: WaCore.Web.dll
Syntax
public class ContentSecurityPolicyConfiguration : IConfigurationBase

Properties

| Improve this Doc View Source

BaseUri

The base-uri values to use (which can be used in a document's base element)

Declaration
public List<string> BaseUri { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

BlockAllMixedContent

Whether to include the block-all-mixed-content directive (prevents loading any assets using HTTP when the page is loaded using HTTPS)

Declaration
public bool BlockAllMixedContent { get; set; }
Property Value
Type Description
System.Boolean
| Improve this Doc View Source

ConnectSrc

The connect-src values to use (restricts the URLs which can be loaded using script interfaces)

Declaration
public List<string> ConnectSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

DefaultSrc

The default-src values to use (as a fallback for the other CSP rules)

Declaration
public List<string> DefaultSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

FontSrc

The font-src values to use (valid sources for fonts loaded using @font-face)

Declaration
public List<string> FontSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

FormAction

The form-action values to use (restricts the URLs which can be used as the target of a form submissions from a given context)

Declaration
public List<string> FormAction { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

FrameAncestors

The frame-ancestors values to use (valid parents that may embed a page using frame, iframe, object, embed, or applet)

Declaration
public List<string> FrameAncestors { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

FrameSrc

The frame-src values to use (valid sources for nested browsing contexts loading using elements such as frame and iframe)

Declaration
public List<string> FrameSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

ImgSrc

The img-src values to use (valid sources for images and favicons)

Declaration
public List<string> ImgSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

ManifestSrc

The manifest-src values to use (which manifest can be applied to the resource)

Declaration
public List<string> ManifestSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

MediaSrc

The media-src values to use (valid sources for loading media using the audio and video elements)

Declaration
public List<string> MediaSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

ObjectSrc

The object-src values to use (valid sources for the object, embed, and applet elements)

Declaration
public List<string> ObjectSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

PluginTypes

The directive restricts the set of plugins that can be embedded into a document by limiting the types of resources which can be loaded

Declaration
public List<string> PluginTypes { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

RequireSriFor

The directive instructs the client to require the use of Subresource Integrity for scripts or styles on the page

Declaration
public List<string> RequireSriFor { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

Sandbox

Enables a sandbox for the requested resource similar to the iframe sandbox attribute

Declaration
public string Sandbox { get; set; }
Property Value
Type Description
System.String
| Improve this Doc View Source

ScriptSrc

The script-src values to use (valid sources for sources for JavaScript)

Declaration
public List<string> ScriptSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

StyleSrc

The style-src values to use (valid sources for style sheets)

Declaration
public List<string> StyleSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>
| Improve this Doc View Source

UpgradeInsecureRequests

Whether to include the upgrade-insecure-requests directive (instructs user agents to treat all of a site's insecure URLs as though they have been replaced with secure URLs)

Declaration
public bool UpgradeInsecureRequests { get; set; }
Property Value
Type Description
System.Boolean
| Improve this Doc View Source

WorkerSrc

The directive specifies valid sources for Worker, SharedWorker, or ServiceWorker scripts

Declaration
public List<string> WorkerSrc { get; set; }
Property Value
Type Description
System.Collections.Generic.List<System.String>

Methods

| Improve this Doc View Source

BuildHeaderValue()

Declaration
public string BuildHeaderValue()
Returns
Type Description
System.String

Implements