HardHat

Go to file

Tommy Parnell 32f41bd057 Update Readme.md

minor readme edit

2016-12-27 11:00:22 -05:00

src

init

2016-12-23 22:02:33 -05:00

.gitattributes

Add .gitignore and .gitattributes.

2016-12-23 11:14:10 -05:00

.gitignore

Add .gitignore and .gitattributes.

2016-12-23 11:14:10 -05:00

global.json

Add project files.

2016-12-23 11:14:12 -05:00

HardHat.sln

add sln

2016-12-23 22:03:16 -05:00

Readme.md

Update Readme.md

2016-12-27 11:00:22 -05:00

Readme.md

HardHat adds various headers to help protect your site from vulnerablities.

In short this allows:


 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {
            ...
            app.DnsPrefetch(allow: false); //turn off dns prefetch to keep privacy of users on site
            app.AddFrameGuard(new FrameGuardOptions(FrameGuardOptions.FrameGuard.SAMEORIGIN)); //prevent content from being loaded in an iframe unless its within the same origin
            app.UseHsts(maxAge: 5000, includeSubDomains: true, preload: false); //enforce hsts
            ...
            app.UseMvc(routes =>
            {
                routes.MapRoute(
                    name: "default",
                    template: "{controller=Home}/{action=Index}/{id?}");
            });
        }
    }

todo:

CSP
ie NoOpen
don't sniff mime type
XSS protection
disable referer