NWebsec.AspNetCore.Middleware

NWebsec.AspNetCore.Middleware provides ASP.NET Core middleware that lets you output HTTP security headers. It currently supports:

  • Strict-Transport-Security
  • X-Content-Type-Options
  • X-Download-Options
  • X-Frame-Options
  • X-Xss-Protection
  • Content-Security-Policy
  • X-Robots-Tag

In addition, it provides middleware for redirect validation.

Documentation

The middleware is documented alongside the web.config and MVC attributes. Refer to the Configuration for samples.