Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
src
 
 
 
 
 
 
 
 

Security Headers Middleware

Build Status NuGet Status NuGet Status

Middlewares to set useful security-related HTTP headers in your OWIN application. (From OWASP list)

Already implemented

  • Strict-Transport-Security incl. options
  • X-Frame-Options incl. supporting multiple origins
  • X-XSS-Protection incl. disabling (but I don't know why).
  • X-Content-Type-Options
  • Content-Security-Policy 2 (except Hash and Nonce)
  • Content-Security-Policy-Report-Only

Workaround for using in .Net Core (Thanks to @imperugo)

https://github.com/aspnet-contrib/AspNet.Hosting.Extensions

Using

See the tests as examples of usage:

Developed with

MarkdownPad 2 JetBrains ReSharper

About

OWIN Middlewares to set useful security-related HTTP header (STS, Anti-Clickjacking, XSS, CSP).

Resources

License

Packages

No packages published

Languages