nightingaleproject · RobertScalfani · Nov 7, 2023 · Oct 31, 2023 · Nov 1, 2023
diff --git a/messaging/Controllers/SteveCapStmtController.cs b/messaging/Controllers/SteveCapStmtController.cs
@@ -14,7 +14,6 @@ namespace messaging.Controllers
     [ApiController]
     public class SteveCapabilityStatement : CapabilityStatement
     {
-        private readonly ApplicationDbContext _context;
         protected readonly ILogger<CapabilityStatement> _logger;
 
         public SteveCapabilityStatement(ILogger<CapabilityStatement> logger, ApplicationDbContext context) : base(logger, context)

diff --git a/messaging/Services/ConvertToIJEBackgroundWork.cs b/messaging/Services/ConvertToIJEBackgroundWork.cs
@@ -132,10 +132,6 @@ private IncomingMessageLog LatestMessageByNCHSId(string NCHSIdentifier)
             return this._context.IncomingMessageLogs.Where(l => l.NCHSIdentifier == NCHSIdentifier).OrderBy(l => l.MessageTimestamp).LastOrDefault();
         }
 
-        private bool IncomingMessageItemExists(long id)
-        {
-            return this._context.IncomingMessageItems.Any(e => e.Id == id);
-        }
     }
   }
 }
diff --git a/messaging/Startup.cs b/messaging/Startup.cs
@@ -55,6 +55,15 @@ public void Configure(IApplicationBuilder app, IWebHostEnvironment env, ILoggerF
         {
             app.UseHttpLogging();
             app.UseHttpsRedirection();
+            app.Use(async (context, next) =>
+            {
+                context.Response.Headers.Add("Content-Type", "application/json");
+                context.Response.Headers.Add("X-Content-Type-Options", "nosniff");
+                context.Response.Headers.Add("X-XSS-Protection", "1;mode=block");
+                context.Response.Headers.Add("Cache-Control", "no-store");
+                context.Response.Headers.Add("Content-Security-Policy", "default-src");
+                await next.Invoke();
+            });
             if (env.IsDevelopment())
             {
                 app.UseDeveloperExceptionPage();