OwaspHeaders.Core is a collection of ASP.NET Core middleware classes designed to increase web application security by adopting the recommended OWASP settings.
The SecureHeadersMiddleware is used to inject the HTTP headers recommended by the OWASP Secure Headers project into all responses generated by the ASP.NET Core pipeline.
It is a highly configurable .NET Core middleware class which applies the headers which the consuming application requests – via a configuration file.
The complete source code for this project can be found in the following GitHub repository: https://github.com/GaProgMan/OwaspHeaders.Core
OwaspHeaders.Core has been released with an MIT licence. For a full description of the MIT licence, please click the following MIT image:
However, the tl;dr (too long; didn’t read) summary of the licence is available at the following link: https://tldrlegal.com/license/mit-license
The project utilises Continuous Integration and Continuous Delivery. Each time that a change is committed to the source code repository, it is packaged and sent to NuGet.
To obtain a packaged version of this project, please see the NuGet page for it: https://www.nuget.org/packages/OwaspHeaders.Core/
This project forms the basis for a series of blog posts that I have written on the topic of ASP.NET Core middleware.
If you would like to read about how I have developed the code in this repository, please see the first in the blog post series entitled: “.NET Core Middleware – OWASP Headers Part 1“