From 25031489c12ff92ce94387cc81f4bf3adb9adf91 Mon Sep 17 00:00:00 2001 From: costellobot <102549341+costellobot@users.noreply.github.com> Date: Tue, 21 May 2024 19:30:56 +0100 Subject: [PATCH] Update .NET SDK to 9.0.100-preview.4.24267.66 (#456) * Update .NET SDK Update .NET SDK to version 9.0.100-preview.4.24267.66. --- updated-dependencies: - dependency-name: Microsoft.NET.Sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: costellobot <102549341+costellobot@users.noreply.github.com> * Bump Microsoft.AspNetCore.AzureAppServices.HostingStartup from 9.0.0-preview.3.24172.13 to 9.0.0-preview.4.24267.6 Bumps Microsoft.AspNetCore.AzureAppServices.HostingStartup from 9.0.0-preview.3.24172.13 to 9.0.0-preview.4.24267.6. --- updated-dependencies: - dependency-name: Microsoft.AspNetCore.AzureAppServices.HostingStartup dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: costellobot <102549341+costellobot@users.noreply.github.com> * Fix build - Bump Apple OAuth provider for preview 4. - Fix ambiguous method. --------- Signed-off-by: costellobot <102549341+costellobot@users.noreply.github.com> Co-authored-by: Martin Costello --- global.json | 2 +- .../SecurityHeadersMiddleware.cs | 36 +++++++++---------- src/SignInWithApple/SignInWithApple.csproj | 4 +-- 3 files changed, 20 insertions(+), 22 deletions(-) diff --git a/global.json b/global.json index 18401871..da80cf3f 100644 --- a/global.json +++ b/global.json @@ -1,6 +1,6 @@ { "sdk": { - "version": "9.0.100-preview.3.24204.13", + "version": "9.0.100-preview.4.24267.66", "allowPrerelease": false } } diff --git a/src/SignInWithApple/SecurityHeadersMiddleware.cs b/src/SignInWithApple/SecurityHeadersMiddleware.cs index 0260daf8..d474e387 100644 --- a/src/SignInWithApple/SecurityHeadersMiddleware.cs +++ b/src/SignInWithApple/SecurityHeadersMiddleware.cs @@ -9,25 +9,23 @@ internal sealed class SecurityHeadersMiddleware(RequestDelegate next) { private static readonly string ContentSecurityPolicy = string.Join( ';', - [ - "default-src 'self'", - "script-src 'self' cdnjs.cloudflare.com", - "script-src-elem 'self' cdnjs.cloudflare.com", - "style-src 'self' cdnjs.cloudflare.com use.fontawesome.com", - "style-src-elem 'self' cdnjs.cloudflare.com", - "img-src 'self' data:", - "font-src 'self' cdnjs.cloudflare.com", - "connect-src 'self'", - "media-src 'none'", - "object-src 'none'", - "child-src 'none'", - "frame-ancestors 'none'", - "form-action 'self' appleid.apple.com", - "block-all-mixed-content", - "base-uri 'self'", - "manifest-src 'self'", - "upgrade-insecure-requests", - ]); + "default-src 'self'", + "script-src 'self' cdnjs.cloudflare.com", + "script-src-elem 'self' cdnjs.cloudflare.com", + "style-src 'self' cdnjs.cloudflare.com use.fontawesome.com", + "style-src-elem 'self' cdnjs.cloudflare.com", + "img-src 'self' data:", + "font-src 'self' cdnjs.cloudflare.com", + "connect-src 'self'", + "media-src 'none'", + "object-src 'none'", + "child-src 'none'", + "frame-ancestors 'none'", + "form-action 'self' appleid.apple.com", + "block-all-mixed-content", + "base-uri 'self'", + "manifest-src 'self'", + "upgrade-insecure-requests"); public Task Invoke(HttpContext context) { diff --git a/src/SignInWithApple/SignInWithApple.csproj b/src/SignInWithApple/SignInWithApple.csproj index 747721ff..d98b82ef 100644 --- a/src/SignInWithApple/SignInWithApple.csproj +++ b/src/SignInWithApple/SignInWithApple.csproj @@ -16,10 +16,10 @@ 4.0.0 - + - +