Skip to content
Snippets Groups Projects
Select Git revision
  • 712f391a81b3cb873c7ad57cf0aa72b0f5316925
  • master default protected
  • dev protected
  • Issue/3003-stsInstitute
  • gitkeep
  • Issue/2449-GuidPidSlugToProjectSettings
  • Issue/2309-docs
  • Fix/xxxx-updateDependencies
  • Issue/2364-testingKpiParser
  • Issue/2287-guestRole
  • Test/xxxx-pipelineTriggers
  • Issue/2102-gitLabResTypeRCV
  • Issue/2278-gitlabToS
  • Issue/2101-gitLabResTypeUi
  • Issue/1788-extractionCronjob
  • Issue/2183-kpiGeneratorResource
  • Issue/2222-resourceDateCreated
  • Issue/2221-projectDateCreated
  • Issue/1321-pidEnquiryOverhaul
  • Issue/1999-gitlabResourcesLib
  • Issue/1951-quotaImplementation
  • v2.22.0
  • v2.20.0
  • v2.19.1
  • v2.19.0
  • v2.18.0
  • v2.17.0
  • v2.16.2
  • v2.16.1
  • v2.16.0
  • v2.15.0
  • v2.14.0
  • v2.13.0
  • v2.12.1
  • v2.12.0
  • v2.11.1
  • v2.11.0
  • v2.10.1
  • v2.10.0
  • v2.9.1
  • v2.9.0
41 results

ResourceModel.cs

Blame
    • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    SameSiteHelper.cs 2.38 KiB 
    using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading.Tasks;

namespace Sustainsys.Saml2
{
    /// <summary>
    /// Simple default implementation of detection of browsers/devices not compatible with
    /// the SameSite=None cookie attribute.
    /// Based on https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
    /// </summary>
    public static class SameSiteHelper
    {
        /// <summary>
        /// Should a SameSite=None cookie attribute be emitted?
        /// </summary>
        /// <param name="userAgent">User Agent string</param>
        /// <returns>True if SameSite=None should be emitted.</returns>
        public static bool EmitSameSiteNone(string userAgent)
        => !DisallowsSameSiteNone(userAgent);

        private static bool DisallowsSameSiteNone(string userAgent)
        {
            // Cover all iOS based browsers here. This includes:
            // - Safari on iOS 12 for iPhone, iPod Touch, iPad
            // - WkWebview on iOS 12 for iPhone, iPod Touch, iPad
            // - Chrome on iOS 12 for iPhone, iPod Touch, iPad
            // All of which are broken by SameSite=None, because they use the iOS networking
            // stack.
            if (userAgent.Contains("CPU iPhone OS 12") ||
                userAgent.Contains("iPad; CPU OS 12"))
            {
                return true;
            }

            // Cover Mac OS X based browsers that use the Mac OS networking stack. 
            // This includes:
            // - Safari on Mac OS X.
            // This does not include:
            // - Chrome on Mac OS X
            // Because they do not use the Mac OS networking stack.
            if (userAgent.Contains("Macintosh; Intel Mac OS X 10_14") &&
                userAgent.Contains("Version/") && userAgent.Contains("Safari"))
            {
                return true;
            }

            // Cover Chrome 50-69, because some versions are broken by SameSite=None, 
            // and none in this range require it.
            // Note: this covers some pre-Chromium Edge versions, 
            // but pre-Chromium Edge does not require SameSite=None.
            if (userAgent.Contains("Chrome/5") || userAgent.Contains("Chrome/6"))
            {
                return true;
            }

            return false;
        }
    }
}