diff options
author | Ed Tanous <ed.tanous@intel.com> | 2018-05-23 01:27:24 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2018-07-27 01:54:37 +0300 |
commit | 55c7b7a2e58779580f33046d2dd8649243776700 (patch) | |
tree | eed2d032dff3e18c4a8d4778e8f52ae5864620ee /include/security_headers_middleware.hpp | |
parent | 1752c9657b56a6e1950d8725f44f4298c9872c63 (diff) | |
download | bmcweb-55c7b7a2e58779580f33046d2dd8649243776700.tar.xz |
Move over to upstream c++ style
This patchset moves bmcweb over to the upstream style naming
conventions for variables, classes, and functions, as well as imposes
the latest clang-format file.
This changeset was mostly built automatically by the included
.clang-tidy file, which has the ability to autoformat and auto rename
variables. At some point in the future I would like to see this in
greater use, but for now, we will impose it on bmcweb, and see how it
goes.
Tested: Code still compiles, and appears to run, although other issues
are possible and likely.
Change-Id: If422a2e36df924e897736b3feffa89f411d9dac1
Signed-off-by: Ed Tanous <ed.tanous@intel.com>
Diffstat (limited to 'include/security_headers_middleware.hpp')
-rw-r--r-- | include/security_headers_middleware.hpp | 49 |
1 files changed, 24 insertions, 25 deletions
diff --git a/include/security_headers_middleware.hpp b/include/security_headers_middleware.hpp index 19369f9711..f7bc478d97 100644 --- a/include/security_headers_middleware.hpp +++ b/include/security_headers_middleware.hpp @@ -4,47 +4,46 @@ #include <crow/http_response.h> namespace crow { -static const char* strict_transport_security_key = "Strict-Transport-Security"; -static const char* strict_transport_security_value = +static const char* strictTransportSecurityKey = "Strict-Transport-Security"; +static const char* strictTransportSecurityValue = "max-age=31536000; includeSubdomains; preload"; -static const char* ua_compatability_key = "X-UA-Compatible"; -static const char* ua_compatability_value = "IE=11"; +static const char* uaCompatabilityKey = "X-UA-Compatible"; +static const char* uaCompatabilityValue = "IE=11"; -static const char* xframe_key = "X-Frame-Options"; -static const char* xframe_value = "DENY"; +static const char* xframeKey = "X-Frame-Options"; +static const char* xframeValue = "DENY"; -static const char* xss_key = "X-XSS-Protection"; -static const char* xss_value = "1; mode=block"; +static const char* xssKey = "X-XSS-Protection"; +static const char* xssValue = "1; mode=block"; -static const char* content_security_key = "X-Content-Security-Policy"; -static const char* content_security_value = "default-src 'self'"; +static const char* contentSecurityKey = "X-Content-Security-Policy"; +static const char* contentSecurityValue = "default-src 'self'"; -static const char* pragma_key = "Pragma"; -static const char* pragma_value = "no-cache"; +static const char* pragmaKey = "Pragma"; +static const char* pragmaValue = "no-cache"; -static const char* cache_control_key = "Cache-Control"; -static const char* cache_control_value = "no-Store,no-Cache"; +static const char* cacheControlKey = "Cache-Control"; +static const char* cacheControlValue = "no-Store,no-Cache"; struct SecurityHeadersMiddleware { - struct context {}; + struct Context {}; - void before_handle(crow::request& req, response& res, context& ctx) {} + void beforeHandle(crow::Request& req, Response& res, Context& ctx) {} - void after_handle(request& req, response& res, context& ctx) { + void afterHandle(Request& req, Response& res, Context& ctx) { /* TODO(ed) these should really check content types. for example, X-UA-Compatible header doesn't make sense when retrieving a JSON or javascript file. It doesn't hurt anything, it's just ugly. */ - res.add_header(strict_transport_security_key, - strict_transport_security_value); - res.add_header(ua_compatability_key, ua_compatability_value); - res.add_header(xframe_key, xframe_value); - res.add_header(xss_key, xss_value); - res.add_header(content_security_key, content_security_value); - res.add_header(pragma_key, pragma_value); - res.add_header(cache_control_key, cache_control_value); + res.addHeader(strictTransportSecurityKey, strictTransportSecurityValue); + res.addHeader(uaCompatabilityKey, uaCompatabilityValue); + res.addHeader(xframeKey, xframeValue); + res.addHeader(xssKey, xssValue); + res.addHeader(contentSecurityKey, contentSecurityValue); + res.addHeader(pragmaKey, pragmaValue); + res.addHeader(cacheControlKey, cacheControlValue); } }; } // namespace crow |