NWebsec.AspNetCore.Middleware¶
NWebsec.AspNetCore.Middleware provides ASP.NET Core middleware that lets you output HTTP security headers. It currently supports:
- Strict-Transport-Security
- X-Content-Type-Options
- X-Download-Options
- X-Frame-Options
- X-Xss-Protection
- Content-Security-Policy
- X-Robots-Tag
In addition, it provides middleware for redirect validation.
Documentation¶
The middleware is documented alongside the web.config and MVC attributes. Refer to the Configuration for samples.