FoxLearn.AspNet.SecurityHeaders 1.0.1

.NET Framework 4.5 This package targets .NET Framework 4.5. The package is compatible with this framework or higher. 
dotnet add package FoxLearn.AspNet.SecurityHeaders --version 1.0.1
                    


                    

                
NuGet\Install-Package FoxLearn.AspNet.SecurityHeaders -Version 1.0.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="FoxLearn.AspNet.SecurityHeaders" Version="1.0.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="FoxLearn.AspNet.SecurityHeaders" Version="1.0.1" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="FoxLearn.AspNet.SecurityHeaders" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add FoxLearn.AspNet.SecurityHeaders --version 1.0.1
                    


                    

                
#r "nuget: FoxLearn.AspNet.SecurityHeaders, 1.0.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package FoxLearn.AspNet.SecurityHeaders@1.0.1
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=FoxLearn.AspNet.SecurityHeaders&version=1.0.1
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=FoxLearn.AspNet.SecurityHeaders&version=1.0.1
                    


                            Install as a Cake Tool

๐Ÿ”ท FoxLearn.AspNet.SecurityHeaders

FoxLearn.AspNet.SecurityHeaders is a lightweight library for adding common security headers to ASP.NET applications. It simplifies the process of applying essential HTTP security headers like Content-Security-Policy, Strict-Transport-Security, X-Content-Type-Options, and others helping protect your applications from common web vulnerabilities.

โœ… Features

  • ๐Ÿ”’ Easy integration with ASP.NET MVC and WebForms
  • โš™๏ธ Predefined defaults for recommended security headers
  • ๐Ÿ› ๏ธ Fully customizable header values
  • ๐Ÿ’ก Supports .NET Framework 4.5 and later

๐Ÿ“ฅ Installation

Install via the .NET CLI:

dotnet add package FoxLearn.AspNet.SecurityHeaders

Or via the NuGet UI in Visual Studio by searching for FoxLearn.AspNet.SecurityHeaders, then click Install.

๐Ÿงช Usage

To enable and configure security headers in your MVC application: Update FilterConfig.cs:

using System.Web.Mvc;
using FoxLearn.AspNet.SecurityHeaders;

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());

        // Apply default headers
        SecurityHeadersConfig.RegisterGlobalSecurityHeaders(filters);
    }
}

To fully control the headers returned, create a HeaderPolicyCollection and define your own set of headers including any custom headers you may need:

using System.Web.Mvc;
using FoxLearn.AspNet.SecurityHeaders;

public class FilterConfig
{
    public static void RegisterGlobalFilters(GlobalFilterCollection filters)
    {
        filters.Add(new HandleErrorAttribute());

        var policy = new HeaderPolicyCollection()
            .AddFrameOptionsDeny()
            .AddContentTypeOptionsNoSniff()
            .AddCustomHeader("X-Default-Header", "DefaultValue")
            .AddPolicy("CustomPolicy", p =>
            {
                p.AddCustomHeader("X-Custom", "MyValue"); // Apply custom headers
            });

        SecurityHeadersConfig.RegisterGlobalSecurityHeaders(filters, policy);
    }
}

๐Ÿ“˜ Apply a Policy to a Controller Action

public class HomeController : Controller
{
    private readonly ILogger<HomeController> _logger;

    public HomeController(ILogger<HomeController> logger)
    {
        _logger = logger;
    }

    [SecurityHeadersPolicy("CustomPolicy")]
    public IActionResult Index()
    {
        return View();
    }
}

To enable headers in a WebForms project, update your Global.asax.cs:

using System.Web;
using FoxLearn.AspNet.SecurityHeaders;

public class Global : HttpApplication
{
    public override void Init()
    {
        SecurityHeadersConfig.Register(this);
        base.Init();
    }
}

You can also create a HeaderPolicyCollection and define your own set of headers.

using System.Web;
using FoxLearn.AspNet.SecurityHeaders;

public class Global : HttpApplication
{
    public override void Init()
    {
        var policy = new HeaderPolicyCollection()
            .AddFrameOptionsDeny()
            .AddContentTypeOptionsNoSniff()

        SecurityHeadersConfig.Register(this, policy);

        base.Init();
    }
}

๐Ÿ”’ License

This project is licensed under the MIT License. Free for personal and commercial use.

Product Compatible and additional computed target framework versions.
.NET Framework net45 is compatible.  net451 was computed.  net452 was computed.  net46 was computed.  net461 was computed.  net462 was computed.  net463 was computed.  net47 was computed.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.1 144 6/14/2025
1.0.0 85 6/7/2025