Middleware for adding security headers to an ASP.NET Core application. Allows you to easily add Content Security Policy, Strict Transport Security, and Public Key Pins to an app.
Lib.Web.Mvc is a library which contains some helper classes for ASP.NET MVC such as strongly typed jqGrid helper, attribute and helper providing support for HTTP/2 Server Push with Cache Digest, attribute and helpers providing support for Content Security Policy Level 2, FileResult providing support...
More information
Lib.AspNetCore.Security is a library which provides security features like Content Security Policy, Strict Transport Security or Expect-CT for ASP.NET Core
sensenet is an Enterprise Content Services platform for .Net. This package contains installation items and should be installed only in a single web project. All other projects should reference the SenseNet.Services dll-only package.
Default MVC and Pages that can be used in combination with the firewall if you are OK with using the default implementation.
See https://www.asp-waf.com/documentation/setup for details
To enable the controllers in this NuGet package load the controller using the AddApplicationPart from...
More information
Support for Content Security Policy for ASP.NET applications.
New in version 1.0.10 - Full support for the 1.0 version of CSP. Includes some breaking config changes in preparation for the 1.0.
"options" is no longer available. The options have now been moved to allowedScriptSources...
More information
The Content Security Policy middleware for ASP.NET Core adds the Content-Security-Policy HTTP response header to reduce the risks of XSS attacks on modern browsers.
Build up Security Headers in a (semi) modular way.
To use in an ASP.Net Core web project.
In startup.cs - add the following private members to the startup class
private SecurityHeaders _securityHeaders { get; set; }
private List<CspFrame> _cspFrames { get; set; }
And the...
More information
