Daifuku

What Daifuku can do?

Configure the HTTP request pipeline

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
  // set Server
  app.UseServerHeader();

  // set Powered by
  app.UsePoweredBy();

  // set No Mime Sniff
  app.UseNoMimeSniff();

  // set Referrer policy
  app.UseReferrerPolicy(ReferrerPolicy.NoReferrer);

  // set Frame guard
  app.UseFrameGuard(new FrameGuardOptions(FrameGuard.SameOrigin));

  // set XSS protection
  app.UseXssProtection(XssProtection.EnabledWithBlock);

  // or just forget all settings and use default pipeline :)
  app.UseDaifuku();

  // pipeline stuff below is not set in UseDaifuku
  // ---------------------------------------------

  // do we use HTTPS?
  //var options = new RewriteOptions().AddRedirectToHttpsPermanent();
  //app.UseRewriter(options);
  app.UseHsts();

  // configure domain redirects
  app.RedirectDomains(new Dictionary<string, string>
  {
      { "daifu.ku", "www.daifu.ku" },
      { "test.azurewebsites.net", "www.daifu.ku" },
  });

  // set custom header
  app.UseCustomHeader("X-Overlord", "Daifuku");

  // set Content Security Policy
  app.UseContentSecurityPolicy(
    new ContentSecurityPolicyBuilder()
    .WithDefaultSource(CspConstants.Self)
    .WithImageSource("http://blobs.daifu.ku")
    .WithFontSource(CspConstants.Self)
    .WithFrameAncestors(CspConstants.None)
    .WithMediaSource(CspConstants.Schemes.MediaStream)
    .BuildPolicy());

  // set Expect CT
  app.UseExpectCt(86400, "https://daifu.ku/report");

  // set Feature Policy
  app.UseFeaturePolicy(new FeaturePolicyBuilder()
    .WithAutoplay(CspConstants.Self)
    .WithAutoplay("http://*.daifu.ku")
    .WithGeolocation(CspConstants.None)
    .BuildPolicy());
            
  // set healhtz endpoint
  app.UseHealthz(); // default path is /healthz  

Tag helpers

AddCssClassTagHelper

Adds CSS classes in HTML element.

<!-- razor -->
<div class="foundation" add-css-class-foo="42 % 2 == 0" add-css-class-bar="42 % 2 != 0">content</div>

<!-- html -->
<div class="foundation foo">content</div>

DisplayNameForTagHelper

Adds display name attribute into content of HTML element.

class ComicGirl
{
    [Display(Name = "Abababa")]
    public string Moeta { get; set; }

    public int Something { get; set; }
}

<!-- razor -->
@model ComicGirl
<span asp-display-name-for="Moeta"></span>
<span asp-display-name-for="Something"></span>

<!-- html -->
<span>Abababa</span>
<span>Something</span>

MarkdownTagHelper

Display Markdown converted to html using Markdig.

<markdown>
Learn how to build ASP.NET apps that can run anywhere now @DateTime.Now
[Learn More](https://go.microsoft.com/fwlink/?LinkID=525028&clcid=0x409){class="btn btn-default"}
</markdown>

Or using model

@{
  var markdown = "And so on...";
}
<markdown markdown="@markdown"></markdown>

Services

UniversalTime

Simple service returning a current time for a given timezone or UTC if not set.

public void ConfigureServices(IServiceCollection services)
{  
  services.AddSingleton<IUniversalTimeConfiguration>(new UniversalTimeConfiguration("Central European Standard Time"));
  services.AddUniversalTime();

  // or

  services.AddUniversalTime("Central European Standard Time");

  // or

  services.AddUniversalTime(); // default is UTC time

  // or

  services.AddUniversalTime(TimeZoneInfo.Local); // provide directly TimeZoneInfo
}

Inject anywhere

public Ctor(IUniversalTime universalTime)
{
  var now = universalTime.Now;
}

IIS

As long as IIS injects some headers you can clean up headers configuring your web.config

<configuration>
  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <clear />
      </customHeaders>
      <redirectHeaders>
        <clear />
      </redirectHeaders>
    </httpProtocol>
  </system.webServer>
</configuration>

External documents

HTTP headers @ MDN web docs moz://a

Acknowledgement

HardHat by TerribleDev

License

MIT © frohikey / Goto10 s.r.o.