From 2448148bacbb4d7687d765692eb4cdd7faff8e65 Mon Sep 17 00:00:00 2001 From: Ali Almaktoum Date: Fri, 6 Mar 2020 13:31:08 +1000 Subject: [PATCH] Add xFrameOptions configure option and deprecate xFrameOptionAllowFrom (#510) Added XFrameOptions --- ...PublicSurfaceAreaShouldNotRegress..NETCore.approved.txt | 2 ++ ...cSurfaceAreaShouldNotRegress..NETFramework.approved.txt | 2 ++ .../Octopus.Client/Model/WebPortalConfigurationResource.cs | 7 ++++++- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETCore.approved.txt b/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETCore.approved.txt index 67d6997e4..8faada094 100644 --- a/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETCore.approved.txt +++ b/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETCore.approved.txt @@ -5234,8 +5234,10 @@ Octopus.Client.Model class XOptionsResource { static System.String XFrameAllowFromDescription + static System.String XFrameOptionsDescription .ctor() String XFrameOptionAllowFrom { get; set; } + String XFrameOptions { get; set; } } } Octopus.Client.Model.Accounts diff --git a/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETFramework.approved.txt b/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETFramework.approved.txt index 696f10699..367a5e172 100644 --- a/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETFramework.approved.txt +++ b/source/Octopus.Client.Tests/PublicSurfaceAreaFixture.ThePublicSurfaceAreaShouldNotRegress..NETFramework.approved.txt @@ -5258,8 +5258,10 @@ Octopus.Client.Model class XOptionsResource { static System.String XFrameAllowFromDescription + static System.String XFrameOptionsDescription .ctor() String XFrameOptionAllowFrom { get; set; } + String XFrameOptions { get; set; } } } Octopus.Client.Model.Accounts diff --git a/source/Octopus.Client/Model/WebPortalConfigurationResource.cs b/source/Octopus.Client/Model/WebPortalConfigurationResource.cs index 1ee18e142..890e6fbc2 100644 --- a/source/Octopus.Client/Model/WebPortalConfigurationResource.cs +++ b/source/Octopus.Client/Model/WebPortalConfigurationResource.cs @@ -45,9 +45,14 @@ public class WebPortalSecurityResource public class XOptionsResource { - public const string XFrameAllowFromDescription = "A uri to provide in the X-Frame-Option http header in conjunction with the ALLOW-FROM value."; + public const string XFrameAllowFromDescription = "(Deprecated) A uri to provide in the X-Frame-Option http header in conjunction with the ALLOW-FROM value."; + public const string XFrameOptionsDescription = "Provide in the X-Frame-Option http header a directive such as sameorigin or deny."; + [Writeable] public string XFrameOptionAllowFrom { get; set; } + + [Writeable] + public string XFrameOptions { get; set; } } }