Feature/add net 8 #94
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… Response.Headers.Add
…moved a point in the Readme which is no longer true
…itten in the UK, where a year isn't required in the copyright statement in order to protect it)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rationale For This PR
This library didn't explicitly support .NET 8 out of the box. .NET was released in November of 2023, so it was time to support it.
This PR adds support for .NET 8 to both OwaspHeaders.Core and the Tests library. It also contains a version bump to 8.1.0 - the rationale for the version bump as a minor version change is that this doesn't represent a major change in functionality (unless consumers are using .NET8, that is).
Warnings
The following warnings have been explicitly disabled in this PR:
ASP0019 is related to calling
Repsonse.Headers.Add(string, string)on the HttpContext object and states:This warning can be safely ignored because injecting a header with the same name in the three places where this warning occurs is very difficult to do. In fact, the two places where it happens in the OwaspHeaders.Test project would require code changes to make it happen, and if that happens then the tests will fail anyway.
It's not impossible for this to happen in the the actually library code (i.e. at
public static bool ResponseContainsHeader(this HttpContext httpContext, string header)in Extensions/HttpContextExtensions.cs), but making it happen would require some precise timing and thread unsafe code. It's possible, but would be hard to do.