ASP.NET Core basic middleware for supporting HTTPS Redirection and HTTP Strict-Transport-Security.
This package was built from the source code at https://github.com/aspnet/BasicMiddleware/tree/2d3ad1cb0f9872da40c6d143ce4554563971ae04
Middleware for adding security headers to an ASP.NET Core application. Allows you to easily add Content Security Policy, Strict Transport Security, and Public Key Pins to an app.
Lib.AspNetCore.Security is a library which provides security features like Content Security Policy, Strict Transport Security or Expect-CT for ASP.NET Core
HTTP Strict Transport Security (HSTS) describes a method for a web site to tell client browsers that they should only interact with it over secure transport, i.e. TLS Whilst there have been browser plugins which support this draft specification, support for HSTS was announced for v4 of Google Chrome...
More information
Adds extra security measures for PEN tests:
- Set all timeouts to 20 minutes
- Forces SSL on all requests
- Enforces HTTPOnly and SSL cookies
- Clears unneeded HTTP header information
- Disables iFraming and adds Strict-Transport-Security to HTTP header
- Contains...
More information
ASP.NET Core middleware that enforce that https scheme is used and that adds the HTTP Strict Transport (HSTS) header for all HTTP responses to request made using https scheme.
Adds/removes conservative set of security minded HTTP headers and redirects HTTP requests to HTTPS while maintaining keep alive functionality. Now supports Application Insights. For full details see readme.md on project site.