Comments (4)
@Den-dp Thanks for the sample. I think it makes sense, let me think about it.
from lib.aspnetcore.security.
Looking great so far!
And it would be even better to have the ability to extend the behavior of IsCspReportRequest
method in order to cut some requests earlier (before they get deserialized by ContentSecurityPolicyViolationReportJsonDeserializer.DeserializeAsync
)
from lib.aspnetcore.security.
Hi @Den-dp,
Can you elaborate a little bit more on what would you had in mind?
from lib.aspnetcore.security.
@tpeczek sure! I'm thinking of something like that:
.MapContentSecurityPolicyReporting(ReportRoute, (context) => context.User.Identity.IsAuthenticated);
And thanks for the quick feedback!
from lib.aspnetcore.security.
Related Issues (20)
- Add support for Expect-CT header
- Add middleware for Expect-CT reporting
- Would you consider contributing to NWebSec? HOT 2
- Add support for X-Download-Options header
- Add support for X-Permitted-Cross-Domain-Policies header
- Add support for HTTP Public Key Pinning
- Add support for block-all-mixed-content directive in Content Security Policy
- Add support for frame-src directive in Content Security Policy
- Add support for plugin-types directive in Content Security Policy
- Add support for upgrade-insecure-requests in Content Security Policy
- Add support for worker-src directive in Content Security Policy
- Add ContentSecurityPolicySourceListBuilder
- Make nonce-source generation secure
- Add support for SHA384 and SHA512 hash algorithms in Content Security Policy
- Add hashes caching support in Content Security Policy tag helper
- Adding directly to the CSP sources from controller HOT 7
- Add Support for Permissions Policy and Mark Feature Policy Related APIs as Obsolete
- Add Ability for Providing Conditions for Handling Requests by Content-Security-Policy and Content-Security-Policy-Report-Only Violation Reports Endpoint
- Add middleware for Content Security Policy reporting
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lib.aspnetcore.security.