diff --git a/framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpAspNetCoreSignalRModule.cs b/framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpAspNetCoreSignalRModule.cs index 90795891f9..541b36aa14 100644 --- a/framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpAspNetCoreSignalRModule.cs +++ b/framework/src/Volo.Abp.AspNetCore.SignalR/Volo/Abp/AspNetCore/SignalR/AbpAspNetCoreSignalRModule.cs @@ -78,7 +78,7 @@ public class AbpAspNetCoreSignalRModule : AbpModule { foreach (var routePattern in routePatterns) { - options.IgnoredUrls.AddIfNotContains(x => routePattern.StartsWith(x), () => routePattern); + options.IgnoredUrls.AddIfNotContains(x => routePattern.StartsWith(x, StringComparison.OrdinalIgnoreCase), () => routePattern); } }); diff --git a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs index 0c797a8dc2..0987a8fd8f 100644 --- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs +++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Auditing/AbpAuditingMiddleware.cs @@ -100,12 +100,12 @@ public class AbpAuditingMiddleware : IMiddleware, ITransientDependency } if (!AuditingOptions.IsEnabledForIntegrationServices && - context.Request.Path.Value.StartsWith($"/{AbpAspNetCoreConsts.DefaultIntegrationServiceApiPrefix}/")) + context.Request.Path.Value.StartsWith($"/{AbpAspNetCoreConsts.DefaultIntegrationServiceApiPrefix}/", StringComparison.OrdinalIgnoreCase)) { return true; } - if (AspNetCoreAuditingOptions.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x))) + if (AspNetCoreAuditingOptions.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x, StringComparison.OrdinalIgnoreCase))) { return true; } diff --git a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs index aea345159a..ae2e3b173b 100644 --- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs +++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Security/AbpSecurityHeadersMiddleware.cs @@ -33,7 +33,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency var requestAcceptTypeHtml = context.Request.Headers["Accept"].Any(x => x!.Contains("text/html") || x.Contains("*/*") || x.Contains("application/xhtml+xml")); - + var endpoint = context.GetEndpoint(); if (endpoint?.Metadata.GetMetadata() != null) @@ -42,11 +42,11 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency return; } - if (!requestAcceptTypeHtml - || !Options.Value.UseContentSecurityPolicyHeader - || await AlwaysIgnoreContentTypes(context) + if (!requestAcceptTypeHtml + || !Options.Value.UseContentSecurityPolicyHeader + || await AlwaysIgnoreContentTypes(context) || endpoint == null - || Options.Value.IgnoredScriptNoncePaths.Any(x => context.Request.Path.StartsWithSegments(x.EnsureStartsWith('/')))) + || Options.Value.IgnoredScriptNoncePaths.Any(x => context.Request.Path.StartsWithSegments(x.EnsureStartsWith('/'), StringComparison.OrdinalIgnoreCase))) { AddOtherHeaders(context); await next.Invoke(context); @@ -71,7 +71,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency { return Task.CompletedTask; } - + if (context.Response.StatusCode is < 200 or > 299) { return Task.CompletedTask; @@ -85,7 +85,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency AddOtherHeaders(context); await next.Invoke(context); } - + private async Task AlwaysIgnoreContentTypes(HttpContext context) { foreach (var selector in Options.Value.IgnoredScriptNonceSelectors) @@ -95,7 +95,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency return true; } } - + return false; } @@ -130,7 +130,7 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency var newScriptSrcValue = scriptSrcValue + nonceStr; return Options.Value.ContentSecurityPolicyValue!.Replace(scriptSrcValue!, newScriptSrcValue); } - + protected virtual void AddHeader(HttpContext context, string key, string value, bool overrideIfExists = false) { @@ -142,4 +142,4 @@ public class AbpSecurityHeadersMiddleware : IMiddleware, ITransientDependency context.Response.Headers.AddIfNotContains(new KeyValuePair(key, value)); } -} \ No newline at end of file +} diff --git a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Uow/AbpUnitOfWorkMiddleware.cs b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Uow/AbpUnitOfWorkMiddleware.cs index 894595e2b7..186501b4ac 100644 --- a/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Uow/AbpUnitOfWorkMiddleware.cs +++ b/framework/src/Volo.Abp.AspNetCore/Volo/Abp/AspNetCore/Uow/AbpUnitOfWorkMiddleware.cs @@ -1,4 +1,5 @@ -using System.Linq; +using System; +using System.Linq; using System.Threading.Tasks; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Options; @@ -38,6 +39,6 @@ public class AbpUnitOfWorkMiddleware : IMiddleware, ITransientDependency private bool IsIgnoredUrl(HttpContext context) { return context.Request.Path.Value != null && - _options.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x)); + _options.IgnoredUrls.Any(x => context.Request.Path.Value.StartsWith(x, StringComparison.OrdinalIgnoreCase)); } }