From c87124e88eeff895f756abc04b0eb97ea166cbae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A1ra=20El-Saig?= Date: Fri, 29 Dec 2023 00:54:38 +0100 Subject: [PATCH 1/3] Delete .github/actions/spelling/allow/security.txt --- .github/actions/spelling/allow/security.txt | 1 - 1 file changed, 1 deletion(-) delete mode 100644 .github/actions/spelling/allow/security.txt diff --git a/.github/actions/spelling/allow/security.txt b/.github/actions/spelling/allow/security.txt deleted file mode 100644 index a27c363c..00000000 --- a/.github/actions/spelling/allow/security.txt +++ /dev/null @@ -1 +0,0 @@ -clickjacking From d01ce294ddee5be1500dd12ddce632484187065c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A1ra=20El-Saig?= Date: Fri, 29 Dec 2023 00:55:02 +0100 Subject: [PATCH 2/3] Update Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Zoltán Lehóczky --- .../Security/ApplicationBuilderExtensions.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs index 0cacd9a3..67fd6be0 100644 --- a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs +++ b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs @@ -11,8 +11,8 @@ namespace Microsoft.AspNetCore.Builder; public static class ApplicationBuilderExtensions { /// - /// Adds a middleware that supplies Content-Security-Policy header. It may be further expanded by registering - /// services that implement . + /// Adds a middleware that supplies the Content-Security-Policy header. It may be further expanded by + /// registering services that implement . /// /// If then inline scripts and styles are permitted. public static IApplicationBuilder UseContentSecurityPolicyHeader(this IApplicationBuilder app, bool allowInline) => From 9633f9aac283b0bf7fb277e9d55fd976b0060c77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A1ra=20El-Saig?= Date: Fri, 29 Dec 2023 00:56:01 +0100 Subject: [PATCH 3/3] Update Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Zoltán Lehóczky --- .../Security/ApplicationBuilderExtensions.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs index 67fd6be0..68f4d909 100644 --- a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs +++ b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs @@ -58,9 +58,9 @@ public static IApplicationBuilder UseContentSecurityPolicyHeader(this IApplicati /// /// The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of /// Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response - /// body to be interpreted and displayed as a content type other than the declared content type. Current (early - /// 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing - /// MIME-sniffing. + /// body to be interpreted and displayed as a content type other than the declared content type. Current (younger + /// than early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than + /// performing MIME-sniffing. /// public static IApplicationBuilder UseContentTypeOptionsHeader(this IApplicationBuilder app) => app.Use(async (context, next) =>