Skip to content
Snippets Groups Projects
Select Git revision
  • 712f391a81b3cb873c7ad57cf0aa72b0f5316925
  • master default protected
  • dev protected
  • Issue/3003-stsInstitute
  • gitkeep
  • Issue/2449-GuidPidSlugToProjectSettings
  • Issue/2309-docs
  • Fix/xxxx-updateDependencies
  • Issue/2364-testingKpiParser
  • Issue/2287-guestRole
  • Test/xxxx-pipelineTriggers
  • Issue/2102-gitLabResTypeRCV
  • Issue/2278-gitlabToS
  • Issue/2101-gitLabResTypeUi
  • Issue/1788-extractionCronjob
  • Issue/2183-kpiGeneratorResource
  • Issue/2222-resourceDateCreated
  • Issue/2221-projectDateCreated
  • Issue/1321-pidEnquiryOverhaul
  • Issue/1999-gitlabResourcesLib
  • Issue/1951-quotaImplementation
  • v2.22.0
  • v2.20.0
  • v2.19.1
  • v2.19.0
  • v2.18.0
  • v2.17.0
  • v2.16.2
  • v2.16.1
  • v2.16.0
  • v2.15.0
  • v2.14.0
  • v2.13.0
  • v2.12.1
  • v2.12.0
  • v2.11.1
  • v2.11.0
  • v2.10.1
  • v2.10.0
  • v2.9.1
  • v2.9.0
41 results

ResourceModel.cs

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    SameSiteHelper.cs 2.38 KiB
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Text.RegularExpressions;
    using System.Threading.Tasks;
    
    namespace Sustainsys.Saml2
    {
        /// <summary>
        /// Simple default implementation of detection of browsers/devices not compatible with
        /// the SameSite=None cookie attribute.
        /// Based on https://docs.microsoft.com/en-us/aspnet/core/security/samesite?view=aspnetcore-3.1
        /// </summary>
        public static class SameSiteHelper
        {
            /// <summary>
            /// Should a SameSite=None cookie attribute be emitted?
            /// </summary>
            /// <param name="userAgent">User Agent string</param>
            /// <returns>True if SameSite=None should be emitted.</returns>
            public static bool EmitSameSiteNone(string userAgent)
            => !DisallowsSameSiteNone(userAgent);
    
            private static bool DisallowsSameSiteNone(string userAgent)
            {
                // Cover all iOS based browsers here. This includes:
                // - Safari on iOS 12 for iPhone, iPod Touch, iPad
                // - WkWebview on iOS 12 for iPhone, iPod Touch, iPad
                // - Chrome on iOS 12 for iPhone, iPod Touch, iPad
                // All of which are broken by SameSite=None, because they use the iOS networking
                // stack.
                if (userAgent.Contains("CPU iPhone OS 12") ||
                    userAgent.Contains("iPad; CPU OS 12"))
                {
                    return true;
                }
    
                // Cover Mac OS X based browsers that use the Mac OS networking stack. 
                // This includes:
                // - Safari on Mac OS X.
                // This does not include:
                // - Chrome on Mac OS X
                // Because they do not use the Mac OS networking stack.
                if (userAgent.Contains("Macintosh; Intel Mac OS X 10_14") &&
                    userAgent.Contains("Version/") && userAgent.Contains("Safari"))
                {
                    return true;
                }
    
                // Cover Chrome 50-69, because some versions are broken by SameSite=None, 
                // and none in this range require it.
                // Note: this covers some pre-Chromium Edge versions, 
                // but pre-Chromium Edge does not require SameSite=None.
                if (userAgent.Contains("Chrome/5") || userAgent.Contains("Chrome/6"))
                {
                    return true;
                }
    
                return false;
            }
        }
    }