From 8370288f2eb08e02739e89ca51ff51aac86734b2 Mon Sep 17 00:00:00 2001 From: Glenn Clarke Date: Mon, 24 Jun 2024 11:57:51 +0100 Subject: [PATCH] PC-1122: Updated header dictionary adding to new method (headers.append) --- SeaPublicWebsite/Middleware/BasicAuthMiddleware.cs | 2 +- SeaPublicWebsite/Middleware/SecurityHeadersMiddleware.cs | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/SeaPublicWebsite/Middleware/BasicAuthMiddleware.cs b/SeaPublicWebsite/Middleware/BasicAuthMiddleware.cs index ec65ba53..fc6975f2 100644 --- a/SeaPublicWebsite/Middleware/BasicAuthMiddleware.cs +++ b/SeaPublicWebsite/Middleware/BasicAuthMiddleware.cs @@ -93,7 +93,7 @@ private static void AddOrUpdateHeader(HttpContext httpContext, string headerName } else { - httpContext.Response.Headers.Add(headerName, headerValue); + httpContext.Response.Headers.Append(headerName, headerValue); } } } diff --git a/SeaPublicWebsite/Middleware/SecurityHeadersMiddleware.cs b/SeaPublicWebsite/Middleware/SecurityHeadersMiddleware.cs index 83df4129..dce68140 100644 --- a/SeaPublicWebsite/Middleware/SecurityHeadersMiddleware.cs +++ b/SeaPublicWebsite/Middleware/SecurityHeadersMiddleware.cs @@ -16,19 +16,19 @@ public Task Invoke(HttpContext context) { if (!context.Response.Headers.ContainsKey("X-Content-Type-Options")) { - context.Response.Headers.Add("X-Content-Type-Options", "nosniff"); + context.Response.Headers.Append("X-Content-Type-Options", "nosniff"); } if (!context.Response.Headers.ContainsKey("Content-Security-Policy")) { - context.Response.Headers.Add("Content-Security-Policy", + context.Response.Headers.Append("Content-Security-Policy", "default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'"); } if (!context.Response.Headers.ContainsKey("Referrer-Policy")) { - context.Response.Headers.Add("Referrer-Policy", "no-referrer"); + context.Response.Headers.Append("Referrer-Policy", "no-referrer"); }