Lib.AspNetCore.Security is a library which provides security features like Content Security Policy, Strict Transport Security or Expect-CT for ASP.NET Core
Full Changelog: https://github.com/tpeczek/Lib.AspNetCore.Security/compare/v3.2.0...v3.2.1
SecurityHeadersMiddleware
and XPermittedCrossDomainPoliciesHeaderValue
ContentSecurityPolicySourceListBuilder
which provides methods for building Content Security Policy source listSecurityHeadersMiddleware
and ReferrerPolicyHeaderValue
SecurityHeadersMiddleware
, XFrameOptionsAttribute
and XFrameOptionsHeaderValue
SecurityHeadersMiddleware
, XXssProtectionAttribute
and XXssProtectionHeaderValue
SecurityHeadersMiddleware
SecurityHeadersMiddleware
ISecurityHeadersReportingService
, ContentSecurityPolicyReportingMiddleware
and ContentSecurityPolicyViolationReport
HttpResponseHeadersExtensions
which provides methods for directly setting headers on responseSecurityHeadersMiddleware
to centralize security headers support. Initial support includes HSTS, CSP and Expect-CTRequireHstsAttribute
as HSTS support is now provided by SecurityHeadersMiddleware
ContentSecurityPolicyAttribute
as CSP support is now provided by SecurityHeadersMiddleware
(CSP tag helper and html helper now depend on SecurityHeadersMiddleware
)ExpectCtReportingMiddleware
, ExpectCtViolationReport
and ISecurityHeadersReportingService
for supporting Expect-CT violation reportsContentSecurityPolicyHeaderValue
, StrictTransportSecurityHeaderValue
and ExpectCtHeaderValue
for low level headers support