juunas11 / aspnetcore-security-headers Public

Notifications You must be signed in to change notification settings
Fork 43
Star 267

Code
Issues 30
Pull requests 6
Actions
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Security
Insights

Issues: juunas11/aspnetcore-security-headers

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

30 Open 22 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

Why is child-src deprecated

#81 opened Dec 19, 2024 by niemyjski

Feature Request - Allow the CSP to be updated at run time

#80 opened Nov 14, 2024 by PJTewkesbury

nonce is generating with + symbol but .net core is encoding it

#79 opened May 23, 2024 by mohdyasar

CspFontsBuilder doesn't allow CspFontSrcOptions.AllowDataScheme to be set

#78 opened May 20, 2024 by paultew

Using Nonces with Blazor

#77 opened May 6, 2024 by Clive321A

Configure CSP in appsettings.json but want to set OnSendingHeader

#76 opened Mar 18, 2024 by litera

The GetNonce method returns an incorrect value during an ajax request

#75 opened Dec 1, 2023 by Lukas-26

Alternative syntax

#70 opened Apr 4, 2023 by gatecrasher63

Using SHA. How do I use it?

#69 opened Mar 9, 2023 by gatecrasher63

Rename header "Feature Policy" to "Permissions-Policy"

#65 opened Jan 6, 2023 by alexandrejulien

add nonce attribute for devextreme components

#64 opened Dec 27, 2022 by Thabot011

Add Antiforgery Token to report violations post.

#63 opened Sep 21, 2022 by malylemire1

Path in ReportViolationsTo causes 404 when using IIS

#62 opened Jul 18, 2022 by Rakshasas

Add support of 'require-trusted-types-for' csp directive

#57 opened Dec 2, 2021 by luber

Add CspReport Object

#54 opened Jul 28, 2021 by Matti-Koopa

Add support for report-sample

#53 opened Apr 14, 2021 by j-hudecek

Usage with a single page application

#51 opened May 20, 2020 by TheKnarf

Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive:

#49 opened Nov 28, 2019 by vankampenp

Add report options to UseXXssProtection

#48 opened Oct 28, 2019 by jamesharling

Add a tag helper to automatically put SHA hash into CSP - alternative to nonce

#47 opened Oct 11, 2019 by shand-obs

Nonce not working in asp.net core mvc

#45 opened Sep 1, 2019 by Ephaltes

Disable output of "upgrade-insecure-requests" in "report only" mode

#42 opened May 3, 2019 by mgroetan

Support new "report-to" directive and header.

#40 opened Apr 12, 2019 by jpknoll

Add Security Headers in Response.OnStarting

#39 opened Apr 11, 2019 by agilenut

'unsafe-inline' is ignored if either a hash or nonce value is present in the source list

#31 opened Oct 3, 2018 by ace37

Previous 1 2 Next

Previous Next

ProTip! Type g p on any issue or pull request to go back to the pull request listing page.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly