Skip to content

Commit

Permalink
Merge pull request #337 from DFE-Digital/ithc-fixes
Browse files Browse the repository at this point in the history 
Ithc fixes
  • Loading branch information
@paullocknimble
paullocknimble authored Mar 16, 2023
2 parents 1bfb434 + a100864 commit a582164
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions Dfe.Academies.External.Web/Program.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,20 @@ static IAsyncPolicy<HttpResponseMessage> GetRetryPolicy()
builder.Services.AddQuartzHostedService(opt => { opt.WaitForJobsToComplete = true; });
var app = builder.Build();

// added content security policy, manual for now but should probably look at this package in the future NWebsec.AspNetCore.Middleware
app.Use(async (context, next) =>
{
if (!context.Response.Headers.ContainsKey("Content-Security-Policy"))
{
context.Response.Headers.Add("Content-Security-Policy", "default-src 'self' wss://localhost:44352/Dfe.Academies.External.Web/; script-src 'self' 'sha256-qL+CKdDo+s+wbAVlMRNaKTthlML5CHI7jaNN8xIHquM=' 'sha256-oJB7VN5D3FsVWp4IBkMG5wPNDs4/Yf73/2mCN7Va9ao=' 'sha256-mmu7ufJkx6yK/dAWH2qN/k0kRhIj7O1GP53WoweDgVw=' 'sha256-YXeAP6J7c5mHporqs1+yXBn3qwau95EZrnniBY+4bpQ=' 'sha256-l1eTVSK8DTnK8+yloud7wZUqFrI0atVo6VlC6PJvYaQ=' https://www.googletagmanager.com/gtm.js; style-src 'self'; font-src 'self'; img-src 'self'; frame-src 'self'");
}
if (!context.Response.Headers.ContainsKey("Feature-Policy"))
{
context.Response.Headers.Add("Feature-Policy", "accelerometer 'none'; camera 'none'; microphone 'none';");
}
await next();
});

var schedulerFactory = app.Services.GetRequiredService<ISchedulerFactory>();
var scheduler = await schedulerFactory.GetScheduler();

Expand Down

0 comments on commit a582164

Please sign in to comment.