Changed var to const string per request.

chekm8 · chekm8 · commit 30488538495d · 2017-09-21T15:02:40.000-04:00
diff --git a/src/System.Web.WebPages/Helpers/AntiXsrf/AntiForgeryWorker.cs b/src/System.Web.WebPages/Helpers/AntiXsrf/AntiForgeryWorker.cs
@@ -104,7 +104,7 @@ public TagBuilder GetFormInputElement(HttpContextBase httpContext)
                 // Adding X-Frame-Options header to prevent ClickJacking. See
                 // http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-10
                 // for more information.
-                var xFrameHeaderName = "X-Frame-Options";
+                const string xFrameHeaderName = "X-Frame-Options";
                 if (httpContext.Response.Headers[xFrameHeaderName] == null)
                 {
                     httpContext.Response.AddHeader(xFrameHeaderName, "SAMEORIGIN");

Original file line number	Diff line number	Diff line change
`@@ -104,7 +104,7 @@ public TagBuilder GetFormInputElement(HttpContextBase httpContext)`
`104`	`104`	`// Adding X-Frame-Options header to prevent ClickJacking. See`
`105`	`105`	`// http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-10`
`106`	`106`	`// for more information.`
`107`		`- var xFrameHeaderName = "X-Frame-Options";`
	`107`	`+ const string xFrameHeaderName = "X-Frame-Options";`
`108`	`108`	`if (httpContext.Response.Headers[xFrameHeaderName] == null)`
`109`	`109`	`{`
`110`	`110`	`httpContext.Response.AddHeader(xFrameHeaderName, "SAMEORIGIN");`