AspNetCore.Hosting.ContentSecurityPolicies 2.0.0

dotnet add package AspNetCore.Hosting.ContentSecurityPolicies --version 2.0.0

AspNetCore.Hosting.ContentSecurityPolicies

ASP.NET Content Security Middleware


An easy middleware for instituting a Content Security Policy header in the ASP.NET pipeline.

Basic use case (includes 'self' for default-src):

    app.UseContentSecurityPolicy(policy => policy);

Standard use case:

    app.UseContentSecurityPolicy(policy => policy
        .WithDefaultSource(ContentSecurityPolicyResources.Self)
        .WithImageSource(ContentSecurityPolicyResources.Self,
            SchemaResources.Data)
        .WithFontSource(ContentSecurityPolicyResources.Self,
            ContentSecuritySourceResources.GoogleFonts)
        .WithStyleSource(ContentSecurityPolicyResources.Self,
            ContentSecuritySourceResources.GoogleFontStyles,
            ContentSecuritySourceResources.Cloudflare)
        .WithScriptSource(ContentSecurityPolicyResources.Self)
        .WithConnectSource(ContentSecurityPolicyResources.Self,
            ContentSecuritySourceResources.MicrosoftLogin,
            ContentSecuritySourceResources.MicrosoftGraph)
        // Disallow all framing: nothing embedded by the page, and the page embedded by nothing
        .WithFrameSource(ContentSecurityPolicyResources.None)
        .WithFrameAncestors(ContentSecurityPolicyResources.None));

Disable default-src 'self':

    app.UseContentSecurityPolicy(policy => policy.WithoutDefaultSelf());

Use sandbox:

    app.UseContentSecurityPolicy(policy => policy.WithSandBox(SandboxOptions.AllowScripts));

Use route specific policies:

    


Compatible target frameworks: net8.0 is compatible. net8.0-android, net8.0-browser, net8.0-ios, net8.0-maccatalyst, net8.0-macos, net8.0-tvos and net8.0-windows were computed.

Dependencies (net8.0): No dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

| Version | Downloads | Last updated |
|---------|-----------|--------------|
| 2.0.0   | 150       | 2/20/2024    |
| 1.4.0   | 1,797     | 5/7/2023     |
| 1.3.0   | 148       | 5/3/2023     |
| 1.2.0   | 168       | 4/27/2023    |
| 1.1.0   | 156       | 4/27/2023    |
| 1.0.0   | 159       | 4/22/2023    |

Migrated to .net 8 as primary target