Skip to content
/ AspNetCoreHeaders Public

ASP.NET Core middleware for fluently configuring response headers

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Vivelin/AspNetCoreHeaders

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

Vivelin.AspNetCore.Headers.Tests

Vivelin.AspNetCore.Headers.Tests

 
 

Vivelin.AspNetCore.Headers

Vivelin.AspNetCore.Headers

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

Vivelin.AspNetCore.Headers.sln

Vivelin.AspNetCore.Headers.sln

 
 

Repository files navigation

Vivelin.AspNetCore.Headers

ASP.NET Core middleware for fluently configuring response headers.

Build status NuGet

Example usage

using Vivelin.AspNetCore.Headers;

// ...

public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    // ...
    
    app.UseResponseHeaders(options =>
    {
        options
            .AddXssProtection(block: true)
            .AddReferrerPolicy(ReferrerPolicy.StrictOrigin)
            .AddContentSecurityPolicy(csp =>
            {
                csp.Default
                    .AllowFromSelf();
                csp.Styles
                    .AllowFromSelf()
                    .AllowFromOrigin("https://fonts.googleapis.com");
                csp.Fonts
                    .AllowFromSelf()
                    .AllowFromOrigin("https://fonts.gstatic.com");
                csp.Fetch
                    .AllowFromSelf()
                    .AllowFromOrigin("https://api.twitch.tv");
                csp.Images
                    .AllowFromSelf()
                    .AllowFromOrigin("https://static-cdn.jtvnw.net");
            });
    });
    
    // ...
}

The example above will result in the following headers being added to responses:

x-xss-protection: 1; mode=block
referrer-policy: strict-origin
content-security-policy: connect-src 'self' https://api.twitch.tv ; default-src 'self' ; font-src 'self' https://fonts.gstatic.com ; img-src 'self' https://static-cdn.jtvnw.net ; style-src 'self' https://fonts.googleapis.com

About

ASP.NET Core middleware for fluently configuring response headers

Topics

http asp-net-core net-standard-2 http-headers

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages