a235591521
* Add CSP Header Check * Update src/Umbraco.Core/EmbeddedResources/Lang/en.xml Co-authored-by: Laura Neto <12862535+lauraneto@users.noreply.github.com> * Update src/Umbraco.Core/EmbeddedResources/Lang/en_us.xml Co-authored-by: Laura Neto <12862535+lauraneto@users.noreply.github.com> --------- Co-authored-by: Laura Neto <12862535+lauraneto@users.noreply.github.com>
32 lines
1.1 KiB
C#
32 lines
1.1 KiB
C#
// Copyright (c) Umbraco.
|
|
// See LICENSE for more details.
|
|
|
|
using Umbraco.Cms.Core.Hosting;
|
|
using Umbraco.Cms.Core.Services;
|
|
|
|
namespace Umbraco.Cms.Core.HealthChecks.Checks.Security;
|
|
|
|
/// <summary>
|
|
/// Health check for the recommended production setup regarding the content-security-policy header.
|
|
/// </summary>
|
|
[HealthCheck(
|
|
"10BEBF47-C128-4C5E-9680-5059BEAFBBDF",
|
|
"Content Security Policy (CSP)",
|
|
Description = "Checks whether the site contains a Content-Security-Policy (CSP) header.",
|
|
Group = "Security")]
|
|
public class CspCheck : BaseHttpHeaderCheck
|
|
{
|
|
private const string LocalizationPrefix = "contentSecurityPolicy";
|
|
|
|
/// <summary>
|
|
/// Initializes a new instance of the <see cref="CspCheck" /> class.
|
|
/// </summary>
|
|
public CspCheck(IHostingEnvironment hostingEnvironment, ILocalizedTextService textService)
|
|
: base(hostingEnvironment, textService, "Content-Security-Policy", LocalizationPrefix, false, false)
|
|
{
|
|
}
|
|
|
|
/// <inheritdoc />
|
|
protected override string ReadMoreLink => Constants.HealthChecks.DocumentationLinks.Security.CspHeaderCheck;
|
|
}
|