TerribleDev/HardHat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5 Commits 2 Branches 8 Tags
8ad2fbc952ab156bc354b7f1c63d408088706f93
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Tommy Parnell 8ad2fbc952 Update Readme.md 
bullets yo
2016-12-27 10:34:40 -05:00
src
init
2016-12-23 22:02:33 -05:00
.gitattributes
Add .gitignore and .gitattributes.
2016-12-23 11:14:10 -05:00
.gitignore
Add .gitignore and .gitattributes.
2016-12-23 11:14:10 -05:00
global.json
Add project files.
2016-12-23 11:14:12 -05:00
HardHat.sln
add sln
2016-12-23 22:03:16 -05:00
Readme.md
Update Readme.md
2016-12-27 10:34:40 -05:00

Readme.md

HardHat adds various headers to help protect your site from vulnerablities.

In short this allows:


            app.DnsPrefetch(allow: false); //turn off dns prefetch to keep privacy of users on site
            app.AddFrameGuard(new FrameGuardOptions(FrameGuardOptions.FrameGuard.SAMEORIGIN)); //prevent content from being loaded in an iframe unless its within the same origin
            app.UseHsts(maxAge: 5000, includeSubDomains: true, preload: false); //enforce hsts

todo:

  • CSP
  • ie NoOpen
  • don't sniff mime type
  • XSS protection
  • disable referer
Reference in New Issue View Git Blame Copy Permalink
Description
Help secure .net core apps with various HTTP headers (such as CSP's)
asp-net-corecontent-security-policymiddlewarepublic-key-pinningsecurity
Readme 616 KiB
Languages
C# 86.5%
HTML 12.2%
CSS 0.8%
JavaScript 0.5%