You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
**ByteGuard.SecurityHeaders** is a lightweight security-focused middleware package for adding a baseline set of security response headers to **ASP.NET Core REST APIs**.
3
+
**ByteGuard.SecurityHeaders** is a lightweight security-focused middleware package for adding a baseline set of security response headers to **ASP.NET Core projects**.
4
4
5
5
It gives you:
6
6
7
-
- A single `app.UseDefaultSecurityHeaders()` call to apply sane defaults
7
+
- A single `app.UseDefaultApiSecurityHeaders()` call to apply sane defaults
8
8
- OWASP-inspired header values based on the REST Security Cheat Sheet
9
9
- An `Enforce` option to ensure the standard values are applied even if set elsewhere
10
10
@@ -17,7 +17,7 @@ It gives you:
17
17
- ✅ OWASP-inspired defaults for REST APIs
18
18
- ✅ Non-breaking by default (does not override existing headers)
19
19
- ✅ Optional **enforcement mode** to overwrite existing values
@@ -40,7 +40,7 @@ Add the middleware early in your pipeline:
40
40
```csharp
41
41
varapp=builder.Build();
42
42
43
-
app.UseDefaultSecurityHeaders();
43
+
app.UseDefaultApiSecurityHeaders();
44
44
45
45
app.MapControllers();
46
46
app.Run();
@@ -51,7 +51,7 @@ app.Run();
51
51
By default, the middleware will not override headers that are already present. If you want to ensure the standard values are always used (even if other middleware/controllers set them), enable enforcement:
/// Adds a small baseline set of <see href="https://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html#security-headers">OWASP-inspired</see> security headers suitable for many REST APIs.
0 commit comments