Merge pull request #1 from contentstack/fix/security-issues

Refactor HomeController and ProductController to add HttpGet attribut…

Author: nadeem-cs

.github/workflows/codeql-analysis.yml

@@ -28,7 +28,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'csharp', 'javascript' ]
+        language: [ 'csharp' ]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 

.github/workflows/sca-scan.yml

@@ -6,10 +6,18 @@ jobs:
   security-sca:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@master
+      - name: Checkout repository
+        uses: actions/checkout@master
+      - name: Setup .NET Core @ Latest
+        uses: actions/setup-dotnet@v1
+        with:
+          dotnet-version: "7.0.x"
+      - name: Run Dotnet Restore
+        run: |
+          dotnet restore
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/node@master
+        uses: snyk/actions/dotnet@master
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
-          args: --all-projects --fail-on=all
+          args: --file=contentstack-liquid-template-example/obj/project.assets.json --fail-on=all

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2012-2022 Contentstack (http://app.contentstack.com)
+Copyright (c) 2012-2026 Contentstack (http://app.contentstack.com)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

contentstack-liquid-template-example/Controllers/HomeController.cs

@@ -6,33 +6,36 @@
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc;
 using contentstack_liquid_template_example.Models;
-using Contentstack.Core;
-using Contentstack.Core.Models;
-using System.IO;
-
+using Contentstack.Core;
+using Contentstack.Core.Models;
+using System.IO;
+
 namespace contentstack_liquid_template_example.Controllers
 {
     public class HomeController : Controller
-    {
-        private readonly ContentstackClient _stack;
-        public HomeController(ContentstackClient stack) => _stack = stack;
+    {
+        private readonly ContentstackClient _stack;
+        public HomeController(ContentstackClient stack) => _stack = stack;
 
+        [HttpGet]
         public async Task<IActionResult> Index()
-        {
-            string result = string.Empty;
-            var query = _stack.ContentType("product").Query();
-            ContentstackCollection<ProductModel> products = await query.Find<ProductModel>();
-            var fileString = System.IO.File.ReadAllText(Path.GetFullPath("Views/Home/home.liquid"));
-            var template = Template.Parse(fileString);
-            result = template.Render(new { Products = products.Items });
-            return View("Index", result);
+        {
+            string result = string.Empty;
+            var query = _stack.ContentType("product").Query();
+            ContentstackCollection<ProductModel> products = await query.Find<ProductModel>();
+            var fileString = System.IO.File.ReadAllText(Path.GetFullPath("Views/Home/home.liquid"));
+            var template = Template.Parse(fileString);
+            result = template.Render(new { Products = products.Items });
+            return View("Index", result);
         }
 
+        [HttpGet]
         public IActionResult Privacy()
         {
             return View();
         }
 
+        [HttpGet]
         [ResponseCache(Duration = 0, Location = ResponseCacheLocation.None, NoStore = true)]
         public IActionResult Error()
         {

contentstack-liquid-template-example/Controllers/ProductController.cs

@@ -19,6 +19,7 @@ public class ProductController : Controller
         public ProductController(ContentstackClient stack) => _stack = stack;
 
         // GET: /<controller>/
+        [HttpGet]
         public IActionResult Index()
         {
             return View();